vendor:
Solaris
by:
Unknown
5.5
CVSS
MEDIUM
Local Denial-of-Service
399
CWE
Product Name: Solaris
Affected Version From: Sun Solaris 10
Affected Version To: All versions
Patch Exists: YES
Related CWE: CVE-2010-0001
CPE: o:sun:solaris:10
Metasploit:
https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2011-2213/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2011-1044/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-4649/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-3493/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-2059/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-2089/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-1634/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-0787/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0095/, https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0001-cve-2010-0547/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2010-0001/, https://www.rapid7.com/db/vulnerabilities/vmsa-2010-0009-1-service-console-package-gzip-cve-2010-0001/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0061/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2010-0001/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2010-0001/, https://www.rapid7.com/db/vulnerabilities/apple-osx-gzip-cve-2010-0001/
Platforms Tested: Sun Solaris
2010
Local Denial-of-Service Vulnerability in Sun Solaris
The vulnerability allows local users to cause denial-of-service conditions in certain filesystem commands. By executing a specific Perl command, an attacker can create a large number of directories, causing the system to become unresponsive and leading to a denial-of-service.
Mitigation:
Apply the necessary patch or update provided by the vendor.
