PT-2008-2572 · Sun · Snoop+2
Gael Delalleau
·
Publicado
2008-08-08
·
Atualizado
2018-10-30
·
CVE-2008-0964
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
snoop versions on Sun Solaris 8 through 10 and OpenSolaris before snv 96
Description
The issue is related to multiple stack-based buffer overflows in the snoop utility. This occurs when the -o option is omitted and a crafted SMB packet is received, allowing remote attackers to execute arbitrary code.
Recommendations
For snoop on Sun Solaris 8 through 10 and OpenSolaris before snv 96, consider using the -o option to mitigate the risk of exploitation. As a temporary workaround, restrict access to the snoop utility until a patch is available.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Opensolaris
Sun Solaris
Snoop