CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-0412

Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.1%

CVSS Severity

CVSS v2 Score 2.1

References

http://osvdb.org/71646
http://secunia.com/advisories/44047
http://www.kb.cert.org/vuls/id/648244
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
http://www.securityfocus.com/bid/47171
http://www.vupen.com/english/advisories/2011/0882
https://exchange.xforce.ibmcloud.com/vulnerabilities/66579
http://osvdb.org/71646
http://secunia.com/advisories/44047
http://www.kb.cert.org/vuls/id/648244
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
http://www.securityfocus.com/bid/47171
http://www.vupen.com/english/advisories/2011/0882
https://exchange.xforce.ibmcloud.com/vulnerabilities/66579

Products affected by CVE-2011-0412

Sun » Sunos » Version: 5.10

cpe:2.3:o:sun:sunos:5.10
Sun » Sunos » Version: 5.8

cpe:2.3:o:sun:sunos:5.8
Sun » Sunos » Version: 5.9

cpe:2.3:o:sun:sunos:5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-0412

Products

Pricing

Contact Us