CVE-2009-2282

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-2282
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors.

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/35547 Broken Link Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 Broken Link Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 Broken Link Patch Vendor Advisory
http://www.osvdb.org/55329 Broken Link
http://www.securityfocus.com/bid/35502 Broken Link Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:oracle:opensolaris:*:*:*:*:*:*:sparc:*
cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:sparc:*
History

26 Jan 2024, 17:53

Type Values Removed Values Added
First Time Oracle
Oracle solaris
Oracle opensolaris
References () http://secunia.com/advisories/35547 - Vendor Advisory () http://secunia.com/advisories/35547 - Broken Link, Vendor Advisory
References () http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Patch () http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Broken Link, Patch
References () http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Patch, Vendor Advisory () http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Broken Link, Patch, Vendor Advisory
References () http://www.osvdb.org/55329 - () http://www.osvdb.org/55329 - Broken Link
References () http://www.securityfocus.com/bid/35502 - () http://www.securityfocus.com/bid/35502 - Broken Link, Third Party Advisory, VDB Entry
CPE cpe:2.3:o:sun:opensolaris:snv_76:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_70:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_95:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_49:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_73:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_106:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_104:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_42:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_71:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_57:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_84:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_107:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_85:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_53:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_43:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_51:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_74:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_41:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_105:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_62:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_56:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_72:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_47:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_40:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_83:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_94:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_80:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_82:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_54:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_44:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_66:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_86:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_96:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_98:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_64:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_52:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_61:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_59:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_99:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_108:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_75:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_50:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_48:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_45:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_65:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_46:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_68:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_103:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_87:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_69:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_58:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_67:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_63:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_60:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_77:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_55:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_78:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_97:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_81:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_79:*:sparc:*:*:*:*:*		 cpe:2.3:o:oracle:opensolaris:*:*:*:*:*:*:sparc:*
cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:sparc:*
CWE CWE-264 CWE-862
Information

Published : 2009-07-01 13:00

Updated : 2024-01-26 17:53

NVD link : CVE-2009-2282

Mitre link : CVE-2009-2282

CVE.ORG link : CVE-2009-2282

JSON object : View

Products Affected

oracle

  • opensolaris
  • solaris
CWE
CWE-862

Missing Authorization