vendor:
Solaris
by:
qaaz
7.5
CVSS
HIGH
Kernel Memory Disclosure
200
CWE
Product Name: Solaris
Affected Version From: Solaris 10 without patch 118833-09 (SPARC) or 118855-06 (x86)
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: o:sun:solaris:10
Platforms Tested: Solaris
2006
Solaris sysinfo Kernel Memory Disclosure
This exploit allows an attacker to disclose kernel memory information on Solaris systems. It takes advantage of a vulnerability in the sysinfo() function, which can be used to obtain sensitive system information. By exploiting this vulnerability, an attacker can retrieve kernel memory contents, potentially exposing sensitive data.
Mitigation:
Apply the latest security patches provided by the vendor. Ensure that the system is running the latest version of Solaris with all necessary updates.