CVE-2008-3666
OpenSolaris < snv_96 - Denial of Service via sendfilev System Call
Title source: llmDescription
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5128
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239186-1
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2337
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/47375
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31426
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020666
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44396
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30654
Scores
EPSS
0.0078
EPSS Percentile
73.8%
Details
Status
published
Products (17)
sun/opensolaris
snv_01 (3 CPE variants)
sun/opensolaris
snv_02 (3 CPE variants)
sun/opensolaris
snv_03 (3 CPE variants)
sun/opensolaris
snv_04 (3 CPE variants)
sun/opensolaris
snv_05 (3 CPE variants)
sun/opensolaris
snv_06 (3 CPE variants)
sun/opensolaris
snv_07 (3 CPE variants)
sun/opensolaris
snv_08 (3 CPE variants)
sun/opensolaris
snv_09 (3 CPE variants)
sun/opensolaris
snv_10 (3 CPE variants)
... and 7 more
Published
Aug 13, 2008
Tracked Since
Feb 18, 2026