New Search

Security Vulnerability in Solaris IP Tunnel Parameter Processing May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users

oval:org.mitre.oval:def:5949

tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request which triggers a NULL pointer dereference.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2008-5689
Product(s):