CVE-2009-2282

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-2282
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors.

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/35547 Broken Link Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 Broken Link Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 Broken Link Patch Vendor Advisory
http://www.osvdb.org/55329 Broken Link
http://www.securityfocus.com/bid/35502 Broken Link Third Party Advisory VDB Entry
http://secunia.com/advisories/35547 Broken Link Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 Broken Link Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 Broken Link Patch Vendor Advisory
http://www.osvdb.org/55329 Broken Link
http://www.securityfocus.com/bid/35502 Broken Link Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:oracle:opensolaris:*:*:*:*:*:*:sparc:*
cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:sparc:*
History

21 Nov 2024, 01:04

Type Values Removed Values Added
References () http://secunia.com/advisories/35547 - Broken Link, Vendor Advisory () http://secunia.com/advisories/35547 - Broken Link, Vendor Advisory
References () http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Broken Link, Patch () http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Broken Link, Patch
References () http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Broken Link, Patch, Vendor Advisory () http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Broken Link, Patch, Vendor Advisory
References () http://www.osvdb.org/55329 - Broken Link () http://www.osvdb.org/55329 - Broken Link
References () http://www.securityfocus.com/bid/35502 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/35502 - Broken Link, Third Party Advisory, VDB Entry

26 Jan 2024, 17:53

Type Values Removed Values Added
First Time Oracle
Oracle opensolaris
Oracle solaris
CWE CWE-264 CWE-862
CPE cpe:2.3:o:sun:opensolaris:snv_69:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_104:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_65:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_55:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_44:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_45:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_80:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_52:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_98:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_43:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_82:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_64:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_107:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_41:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_87:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_70:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_62:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_78:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_58:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_96:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_61:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_106:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_72:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_50:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_40:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_86:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_75:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_74:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_97:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_84:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_108:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_56:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_81:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_105:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_71:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_79:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_77:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_57:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_73:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_66:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_60:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_53:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_94:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_83:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_63:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_76:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_46:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_103:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_95:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_67:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_48:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_47:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_51:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_59:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_54:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_68:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_85:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_42:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_99:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_49:*:sparc:*:*:*:*:*		 cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:sparc:*
cpe:2.3:o:oracle:opensolaris:*:*:*:*:*:*:sparc:*
References (SUNALERT) http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Patch, Vendor Advisory (SUNALERT) http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Broken Link, Patch, Vendor Advisory
References (CONFIRM) http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Patch (CONFIRM) http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Broken Link, Patch
References (OSVDB) http://www.osvdb.org/55329 - (OSVDB) http://www.osvdb.org/55329 - Broken Link
References (BID) http://www.securityfocus.com/bid/35502 - (BID) http://www.securityfocus.com/bid/35502 - Broken Link, Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/35547 - Vendor Advisory (SECUNIA) http://secunia.com/advisories/35547 - Broken Link, Vendor Advisory
Information

Published : 2009-07-01 13:00

Updated : 2024-11-21 01:04

NVD link : CVE-2009-2282

Mitre link : CVE-2009-2282

CVE.ORG link : CVE-2009-2282

JSON object : View

Products Affected

oracle

  • opensolaris
  • solaris
CWE
CWE-862

Missing Authorization


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024