SB2018041814 - Multiple vulnerabilities in Oracle Sun Systems Products
Published: April 18, 2018 Updated: February 23, 2023
Security Bulletin ID
SB2018041814
Severity
High
Patch available
YES
Number of vulnerabilities
13
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 13 secuirty vulnerabilities.
1) Remote code execution (CVE-ID: CVE-2017-17562)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to an error in the cgiHandler function when CGI is enabled and a CGI program is dynamically linked. A remote attacker can make untrusted HTTP request parameters containing shared object payload in the cgiHandler function in cgi.c, allocate an array of pointers for the envp argument of the new process, initialize the environment of forked CGI scripts and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
2) Security restrictions bypass (CVE-ID: CVE-2018-2563)
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information and write arbitrary files on the target system.The weakness exists in the Solaris LDAP Library component due to improper security restrictions. A remote attacker can partially access and partially modify data.
3) Security restrictions bypass (CVE-ID: CVE-2018-2718)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in the Solaris RPC component due to improper security restrictions. A remote attacker can cause the service to crash.
4) Security restrictions bypass (CVE-ID: CVE-2018-2753)
The vulnerability allows a local attacker to obtain potentially sensitive information and write arbitrary files on the target system.The weakness exists in the Solaris Python modules component due to improper security restrictions. A local attacker can access and modify data.
5) Security restrictions bypass (CVE-ID: CVE-2018-2754)
The vulnerability allows a local attacker to write arbitrary files and cause DoS condition on the target system.The weakness exists in the Solaris ZVNET Driver component due to improper security restrictions. A local attacker can modify data and cause the service to crash.
6) Security restrictions bypass (CVE-ID: CVE-2018-2763)
The vulnerability allows a local attacker to write arbitrary files on the target system.The weakness exists in the Solaris NTPD component due to improper security restrictions. A local attacker can partially modify data.
7) Security restrictions bypass (CVE-ID: CVE-2018-2764)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in the Solaris Kernel component due to improper security restrictions. A remote attacker can cause the service to crash.
8) Security restrictions bypass (CVE-ID: CVE-2018-2792)
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information and write arbitrary files on the target system.The weakness exists in the Hardware Management Pack Ipmitool component due to improper security restrictions. A remote attacker can partially access and partially modify data.
9) Security restrictions bypass (CVE-ID: CVE-2018-2808)
The vulnerability allows a local attacker to cause DoS condition on the target system.The weakness exists in the Solaris Kernel component due to improper security restrictions. A local attacker can cause the service to crash.
10) Security restrictions bypass (CVE-ID: CVE-2018-2822)
The vulnerability allows a local attacker to obtain potentially sensitive information, write arbitrary files and cause DoS condition on the target system.The weakness exists in the Solaris Cluster Geo component due to improper security restrictions. A local attacker can partially access data, partially modify data and partially cause the service to crash.
11) Security restrictions bypass (CVE-ID: CVE-2018-2857)
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information, write arbitrary files and cause DoS condition on the target system.The weakness exists in the Sun ZFS Storage Appliance Kit (AK) HTTP data path subsystems component due to improper security restrictions. A remote attacker can partially access data, partially modify data and partially cause the service to crash.
12) Security restrictions bypass (CVE-ID: CVE-2018-2858)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.The weakness exists in the Sun ZFS Storage Appliance Kit (AK) HTTP data path subsystems component due to improper security restrictions. A remote attacker can partially access data.
13) Security restrictions bypass (CVE-ID: CVE-2018-2863)
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.The weakness exists in the Sun ZFS Storage Appliance Kit (AK) API frameworks component due to improper security restrictions. A remote attacker can partially access data.
Remediation
Install update from vendor's website.