| Revision Date: | 2009-02-16 | Version: | 16 |
| Title: | Security Vulnerability in Solaris IP Tunnel Parameter Processing May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users |
| Description: | tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2008-5689
|
| Platform(s): | Sun Solaris 10
| Product(s): | |
| Definition Synopsis |
| Solaris 10 (SPARC) meets Sun Alert 242266 Solaris 10 (SPARC) is installed
AND NOT Patch 138888-01 or later installed
OR Solaris 10 (x86) meets Sun Alert 242266
Solaris 10 (x86) is installed
AND NOT Patch 138889-01 or later installed
|