CVE-2008-3838 — Improper Input Validation in Opensolaris

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 82.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Opensolaris SUN Solaris

Timeline

PublishedAug 27

Latest updateMay 2

Description

Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDsun/opensolarissnv_87+86

▶NVDsun/solaris10

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-68p5-3q65-cx3v: Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local ad↗2022-05-02

▶

CVEList

CVE-2008-3838: Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local ad↗2008-08-27

▶