PT-2010-2068 · Sun · Opensolaris

Published

2010-01-08

Updated

2017-08-17

CVE-2010-0271

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Sun OpenSolaris versions snv 51 through snv 130

Description The issue makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification, due to hald not having the proc audit privilege during attempts to write to the auditing log.

Recommendations For Sun OpenSolaris versions snv 51 through snv 130, consider granting the proc audit privilege to hald to ensure proper auditing of changes to connected hardware devices.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2010-0271

Affected Products

Opensolaris

PT-2010-2068 · Sun · Opensolaris

CVE-2010-0271

Weakness Enumeration

Related Identifiers

Affected Products

References · 6