Vigil@nce - Oracle Solaris: several vulnerabilities of April 2015
June 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities of Oracle Solaris were announced in April
2015.
Impacted products: Solaris
Severity: 2/4
Creation date: 15/04/2015
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Oracle Solaris.
An attacker can use a vulnerability of Accounting commands, in
order to obtain information, to alter information, or to trigger a
denial of service. [severity:2/4; CVE-2015-2577]
An attacker can use a vulnerability of ZFS File System, in order
to obtain information, to alter information, or to trigger a
denial of service. [severity:2/4; CVE-2015-0448]
An attacker can use a vulnerability of Kernel IDMap, in order to
trigger a denial of service. [severity:2/4; CVE-2015-2578]
An attacker can use a vulnerability of libelfsign, in order to
obtain information, to alter information, or to trigger a denial
of service. [severity:2/4; CVE-2015-0471]
An attacker can use a vulnerability of Oracle VM Server for SPARC,
in order to obtain information. [severity:2/4; CVE-2014-3566]
An attacker can use a vulnerability of Oracle VM Server for SPARC,
in order to obtain information. [severity:2/4; CVE-2015-0452]
An attacker can use a vulnerability of Text Utilities, in order to
obtain information. [severity:1/4; CVE-2015-2574]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Oracle-Solaris-several-vulnerabilities-of-April-2015-16613