CVE-2008-5689

Solaris 10/OpenSolaris - DoS

Title source: llm

Description

tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.

Exploits (1)

exploitdb WORKING POC

by peri.carding · clocalsolaris

https://www.exploit-db.com/exploits/15962

View Code ZIP pw:eip

References (11)

[Vendor Advisory] http://secunia.com/advisories/33160

[Patch, Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-26-242266-1

[Various Sources] http://www.trapkit.de/advisories/TKADV2008-015.txt

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47449

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5949

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/499352/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/32904

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/15962

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021464

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/3454

[Third Party Advisory] http://securityreason.com/securityalert/4801

Scores

EPSS 0.0023

EPSS Percentile 45.7%

Details

CWE

CWE-399

Status published

Products (25)

sun/opensolaris snv_01 (2 CPE variants)

sun/opensolaris snv_02 (2 CPE variants)

sun/opensolaris snv_03 (2 CPE variants)

sun/opensolaris snv_04 (2 CPE variants)

sun/opensolaris snv_05 (2 CPE variants)

sun/opensolaris snv_06 (2 CPE variants)

sun/opensolaris snv_07 (2 CPE variants)

sun/opensolaris snv_08 (2 CPE variants)

sun/opensolaris snv_09 (2 CPE variants)

sun/opensolaris snv_10 (2 CPE variants)

... and 15 more

Published Dec 19, 2008

Tracked Since Feb 18, 2026