Vigil@nce - Solaris: several vulnerabilities of April 2013
May 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Solaris are fixed by the CPU of April
2013.
– Impacted products: Solaris, Trusted Solaris
– Severity: 2/4
– Creation date: 17/04/2013
DESCRIPTION OF THE VULNERABILITY
A Critical Patch Update fixes several vulnerabilities of Solaris.
An attacker can use a vulnerability of Filesystem/NFS, in order to
obtain or alter information. [severity:2/4; BID-59157,
CVE-2013-0405]
An attacker can use a vulnerability of RBAC Configuration, in
order to obtain information, to alter information, or to create a
denial of service. [severity:2/4; BID-59174, CVE-2013-0411]
An attacker can use a vulnerability of Filesystem, in order to
create a denial of service. [severity:2/4; BID-59186,
CVE-2013-1507]
An attacker can use a vulnerability of Kernel/IO, in order to
create a denial of service. [severity:2/4; BID-59199,
CVE-2013-1498]
An attacker can use a vulnerability of Kernel/IO, in order to
create a denial of service. [severity:2/4; BID-59197,
CVE-2013-1496]
An attacker can use a vulnerability of Kernel, in order to create
a denial of service. [severity:2/4; BID-59193, CVE-2013-1494]
An attacker can use a vulnerability of CPU performance counters
drivers, in order to create a denial of service. [severity:2/4;
BID-59204, CVE-2013-0408]
An attacker can use a vulnerability of Remote Execution Service,
in order to obtain information, to alter information, or to create
a denial of service. [severity:2/4; BID-59214, CVE-2013-0413]
An attacker can use a vulnerability of Kernel/IPsec, in order to
alter information. [severity:2/4; BID-59245, CVE-2013-0406]
An attacker can use a vulnerability of Kernel, in order to create
a denial of service. [severity:2/4; BID-59221, CVE-2013-1530]
An attacker can use a vulnerability of Kernel/Boot, in order to
obtain information, to alter information, or to create a denial of
service. [severity:2/4; BID-59230, CVE-2013-0404]
An attacker can use a vulnerability of pax, in order to alter
information, or to create a denial of service. [severity:2/4;
BID-59236, CVE-2013-0412]
An attacker can use a vulnerability of Libraries/Libc, in order to
create a denial of service. [severity:2/4; BID-59241,
CVE-2012-0570]
An attacker can use a vulnerability of Utility/fdformat, in order
to obtain information. [severity:2/4; BID-59233, CVE-2012-0568]
An attacker can use a vulnerability of Utility, in order to create
a denial of service. [severity:1/4; BID-59235, CVE-2013-0403]
An attacker can use a vulnerability of Network Configuration, in
order to create a denial of service. [severity:1/4; BID-59238,
CVE-2013-1499]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Solaris-several-vulnerabilities-of-April-2013-12682