PT-2008-5210 · Sun · Opensolaris+1

Published

2008-09-02

Updated

2017-09-29

CVE-2008-3875

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sun Solaris versions 8 through 10 OpenSolaris versions prior to snv 90

Description The issue allows local users to bypass security restrictions, including chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel. This is achieved through unspecified vectors involving system calls.

Recommendations For Sun Solaris versions 8 through 10, update to a version outside of the affected range to resolve the issue. For OpenSolaris versions prior to snv 90, update to version snv 90 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2008-3875

Affected Products

Opensolaris

Sun Solaris

PT-2008-5210 · Sun · Opensolaris+1

CVE-2008-3875

Weakness Enumeration

Related Identifiers

Affected Products

References · 8