Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2017-3630

Published: 22/06/2017 Updated: 03/10/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.3 | Impact Score: 3.4 | Exploitability Score: 1.8
VMScore: 470
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Oracle

Vulnerability Summary

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

Vulnerable Product Search on Vulmon Subscribe to Product

oracle solaris 10

oracle solaris 11

Exploits

Exploit DB: Solaris - RSH Stack Clash Privilege Escalation (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = GoodRanking include Msf::Post::File include Msf::Post::Solaris::Priv include Msf::Post::Solaris::System include Msf::Post::Solaris::Kernel incl ...
Exploit DB: Oracle Solaris 11.1/11.3 (RSH) - 'Stack Clash' Local Privilege Escalation
/* * Solaris_rshc for CVE-2017-3630, CVE-2017-3629, CVE-2017-3631 * Copyright (C) 2017 Qualys, Inc * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later v ...
Exploit DB: Oracle Solaris 11.1 / 11.3 rsh Stack Clash Privilege Escalation
Oracle Solaris versions 111 and 113 rsh local privilege escalation stack clash exploit ...
Exploit DB: Solaris RSH Stack Clash Privilege Escalation
This Metasploit module exploits a vulnerability in RSH on unpatched Solaris systems which allows users to gain root privileges The stack guard page on unpatched Solaris systems is of insufficient size to prevent collisions between the stack and heap memory, aka Stack Clash This Metasploit module uploads and executes Qualys' Solaris_rshc exploit, ...

References

CWE-787http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-3629-3757403.htmlhttp://www.securityfocus.com/bid/99153https://www.exploit-db.com/exploits/42270/https://www.exploit-db.com/exploits/45625/https://nvd.nist.govhttps://www.exploit-db.com/exploits/45625/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook