Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2007-5225

Published: 05/10/2007 Updated: 30/10/2018
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 495
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Sunos

Vulnerability Summary

Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.

Vulnerable Product Search on Vulmon Subscribe to Product

sun sunos 5.8

sun sunos 5.9

sun sunos 5.10

Exploits

Exploit DB: Solaris 8/9/10 - 'fifofs I_PEEK' Local Kernel Memory Leak
/* * $Id: raptor_peekc,v 11 2007/10/18 08:09:02 raptor Exp $ * * raptor_peekc - Solaris fifofs I_PEEK kernel memory leak * Copyright (c) 2007 Marco Ivaldi <raptor@0xdeadbeefinfo> * * [Lame] integer signedness error in FIFO filesystems (named pipes) on Sun * Solaris 8 through 10 allows local users to read the contents of unspecifie ...
Exploit DB: solaris-memleak.txt
Exploit that demonstrates how an integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative value to the I_PEEK ioctl ...

References

CWE-189http://sunsolve.sun.com/search/document.do?assetkey=1-26-103061-1http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=603http://support.avaya.com/elmodocs2/security/ASA-2007-463.htmhttp://www.securityfocus.com/bid/25905http://www.securitytracker.com/id?1018766http://secunia.com/advisories/27024http://secunia.com/advisories/27654http://www.vupen.com/english/advisories/2007/3339https://exchange.xforce.ibmcloud.com/vulnerabilities/36918https://www.exploit-db.com/exploits/5227https://www.exploit-db.com/exploits/4516https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2170http://www.securityfocus.com/archive/1/481501/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/5227/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook