CVE-2008-2710 — Solaris vulnerability

CWE-1894 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 76.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris SUN Sunos SUN Opensolaris

Timeline

PublishedJun 16

Latest updateMay 1

Description

Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed compariso…

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶NVDsun/opensolaris10

▶NVDsun/solaris10

▶NVDsun/sunos-

🔴Vulnerability Details

GHSA

GHSA-f72f-rm67-r857: Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi↗2022-05-01

▶

CVEList

CVE-2008-2710: Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi↗2008-06-16

▶

💥Exploits & PoCs

Exploit-DB

eFront 3.5.1 / build 2710 - Arbitrary File Upload↗2008-09-30

▶