T
he Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors.
References
| Link | Resource |
|---|---|
| http://secunia.com/advisories/35547 | Broken Link Vendor Advisory |
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 | Broken Link Patch |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 | Broken Link Patch Vendor Advisory |
| http://www.osvdb.org/55329 | Broken Link |
| http://www.securityfocus.com/bid/35502 | Broken Link Third Party Advisory VDB Entry |
| http://secunia.com/advisories/35547 | Broken Link Vendor Advisory |
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 | Broken Link Patch |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 | Broken Link Patch Vendor Advisory |
| http://www.osvdb.org/55329 | Broken Link |
| http://www.securityfocus.com/bid/35502 | Broken Link Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:04
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://secunia.com/advisories/35547 - Broken Link, Vendor Advisory | |
| References | () http://sunsolve.sun.com/search/document.do?assetkey=1-21-141778-01-1 - Broken Link, Patch | |
| References | () http://sunsolve.sun.com/search/document.do?assetkey=1-66-262708-1 - Broken Link, Patch, Vendor Advisory | |
| References | () http://www.osvdb.org/55329 - Broken Link | |
| References | () http://www.securityfocus.com/bid/35502 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2009-07-01 13:00
Updated : 2025-04-09 00:30
NVD link : CVE-2009-2282
Mitre link : CVE-2009-2282
CVE.ORG link : CVE-2009-2282
JSON object : View
Products Affected
CWE
CWE-862
Missing Authorization