CVE-2008-3870Improper Restriction of Operations within the Bounds of a Memory Buffer in Solaris

CWE-1893 documents3 sources
Severity
10.0CRITICALNVD
EPSS
30.6%
top 3.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Solaris
Timeline
PublishedMay 26
Latest updateMay 2

Description

Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsun/solaris8.0, 9.0+1

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-4fcg-8w49-fpj6: Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-ba2022-05-02
CVEList
CVE-2008-3870: Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-ba2009-05-26
CVE-2008-3870 — SUN Solaris vulnerability | cvebase