CVE-2005-0248 — Solaris vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 31.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris SUN Sunos

Timeline

PublishedMay 2

Latest updateMay 1

Description

The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDsun/solaris8.0, 9.0+1

▶NVDsun/sunos5.8

Patches

Patch: secunia.com ↗Patch: sunsolve.sun.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-4jq2-84j8-gxjv: The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts↗2022-05-01

▶

CVEList

CVE-2005-0248: The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts↗2005-02-08

▶