CVE-2007-2882 - OpenCVE

Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Sun	Solaris Sunos

Configuration 1 [-]

OR	cpe:2.3:o:sun:solaris:8.0::x86:::::
	cpe:2.3:o:sun:solaris:9.0::x86:::::
	cpe:2.3:o:sun:solaris:10.0::x86:::::
	cpe:2.3:o:sun:sunos:5.8:::::::*
	cpe:2.3:o:sun:sunos:5.9:::::::*
	cpe:2.3:o:sun:sunos:5.10:::::::*

References

Link	Resource
http://osvdb.org/34908
http://secunia.com/advisories/25403	Patch Vendor Advisory
http://secunia.com/advisories/25879
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102911-1	Exploit Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-245.htm
http://www.securityfocus.com/bid/24145
http://www.securitytracker.com/id?1018129
http://www.vupen.com/english/advisories/2007/1943
https://exchange.xforce.ibmcloud.com/vulnerabilities/34504
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1957

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-30T01:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2007-05-29T00:00:00

Link: CVE-2007-2882

JSON object: View

NVD Information

Status : Modified

Published: 2007-05-30T01:30:00.000

Modified: 2018-10-30T16:25:37.090

Link: CVE-2007-2882

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-24T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25879", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25879"}, {"name": "24145", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24145"}, {"name": "34908", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/34908"}, {"name": "25403", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25403"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-245.htm"}, {"name": "102911", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102911-1"}, {"name": "oval:org.mitre.oval:def:1957", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1957"}, {"name": "ADV-2007-1943", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1943"}, {"name": "solaris-nfs-acl-dos(34504)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34504"}, {"name": "1018129", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018129"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2882", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25879", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25879"}, {"name": "24145", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24145"}, {"name": "34908", "refsource": "OSVDB", "url": "http://osvdb.org/34908"}, {"name": "25403", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25403"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-245.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-245.htm"}, {"name": "102911", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102911-1"}, {"name": "oval:org.mitre.oval:def:1957", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1957"}, {"name": "ADV-2007-1943", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1943"}, {"name": "solaris-nfs-acl-dos(34504)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34504"}, {"name": "1018129", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018129"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2882", "datePublished": "2007-05-30T01:00:00", "dateReserved": "2007-05-29T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*", "matchCriteriaId": "A1E585DC-FC74-4BB0-96B7-C00B6DB610DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el m\u00f3dulo cliente NFS de Sun Solaris 8 hasta 10 anterior al 24/05/2007, cuando opera como un servidor NFS, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante determinados paquetes de Lista de Control de Acceso (Access Control List o acl)."}], "id": "CVE-2007-2882", "lastModified": "2018-10-30T16:25:37.090", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-30T01:30:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/34908"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/25403"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25879"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102911-1"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-245.htm"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24145"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018129"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1943"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34504"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1957"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}