Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24908
HistoryOct 13, 2010 - 12:00 a.m.

DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service (CVE-2010-3509)

2010-10-1300:00:00
vulners.com
8
JSON

Title

DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service (CVE-2010-3509)

Severity

High

Date Discovered

November 3, 2009

Discovered By

Digital Defense, Inc. Vulnerability Research Team
Credit: Alex Kaszczuk, Alan Chin, Jose R. Hernandez and r@b13$

Vulnerability Description

The rpc.cmsd service contains an integer overflow which can allow a malicious unauthenticated user to
cause a denial of service, or remotely execute arbitrary code with root privileges.

Solution Description

Sun has addressed this vulnerability in Sun bugID 6214701. The patch is available for download through
the Oracle October Critical Patch Update (CPU) released on 12 October, 2010.

Tested Systems / Software (with versions)

Sun Solaris 10 (10/09 Download)

Vendor Contact

Vendor Name: Sun Microsystems
Vendor Website: http://www.sun.com/

Related

prion 1
seebug 1
cve 1
securityvulns 2
oracle 1
prion
prion
Design/Logic Flaw
2010-10-14 02:00:00
seebug
seebug
Solaris rpc.cmsd服务远程整数溢出漏洞
2010-10-26 00:00:00
cve
cve
CVE-2010-3509
2010-10-14 02:00:00
securityvulns
securityvulns
Oracle Critical Patch Update Advisory - October 2010
2010-10-13 00:00:00
Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
2011-07-18 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2010
2010-10-12 00:00:00
JSON
Related for SECURITYVULNS:DOC:24908
prion1seebug1cve1securityvulns2oracle1