CVE-2008-3666Opensolaris vulnerability

3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.8%
top 26.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
SUN OpensolarisSUN SolarisSUN Sunos
Timeline
PublishedAug 13
Latest updateMay 2

Description

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages3 packages

NVDsun/opensolarissnv_95+94
NVDsun/solaris10
NVDsun/sunos5.10

Patches

Patch: sunsolve.sun.comPatch: www.securityfocus.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-4mqf-xqgm-xrqm: Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic)2022-05-02
CVEList
CVE-2008-3666: Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic)2008-08-13
CVE-2008-3666 — SUN Opensolaris vulnerability | cvebase