CVE-2008-1095 — Solaris vulnerability

CWE-2643 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

0.6%

top 29.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris SUN Sunos

Timeline

PublishedFeb 29

Latest updateMay 1

Description

Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 8.0 | Impact: 6.9

Affected Packages2 packages

▶NVDsun/solaris10, 8, 9+2

▶NVDsun/sunos5.10, 5.8, 5.9+2

Patches

Patch: sunsolve.sun.com ↗Patch: www.securityfocus.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-m44m-64rp-8q3x: Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall↗2022-05-01

▶

CVEList

CVE-2008-1095: Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall↗2008-02-29

▶