CVE-2009-3000Opensolaris vulnerability

CWE-39912 documents5 sources
Severity
7.1HIGHNVD
EPSS
0.4%
top 37.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN OpensolarisSUN Solaris
Timeline
PublishedAug 28
Latest updateMay 2

Description

The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling."

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages2 packages

NVDsun/opensolaris82 versions+81
NVDsun/solaris10.0

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-9rrc-79p2-q54h: The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, all2022-05-02
CVEList
CVE-2009-3000: The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, all2009-08-28

💥Exploits & PoCs

8
Exploit-DB
Asx to Mp3 2.7.5 - Local Stack Overflow2014-10-07
Exploit-DB
TEKUVA - Password Reminder Authentication Bypass2009-11-21
Exploit-DB
Linux Kernel 2.6.x - '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service2009-08-28
Exploit-DB
KSP 2006 FINAL - '.m3u' Universal Local Buffer (SEH)2009-08-24
Exploit-DB
A2 Media Player Pro 2.51 - '.m3u' / '.m3l' Universal Local Buffer Overflow (SEH)2009-08-06

💬Community

1
Bugzilla
CVE-2009-3613 kernel: flood ping cause out-of-iommu error and panic when mtu larger than 15002009-10-15
CVE-2009-3000 — SUN Opensolaris vulnerability | cvebase