Detections
Analytics
Oracle Solaris Critical Patch Update : jul2018_SRU11_3_32_4_0
high Nessus Plugin ID 111189
Language:
Synopsis
The remote Solaris system is missing a security patch from CPU jul2018.Description
This Solaris system is missing necessary patches to address a critical security update :- Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. (CVE-2018-2908)
Solution
Install the jul2018 CPU from the Oracle support website.See Also
https://support.oracle.com/epmos/faces/DocumentDisplay?id=2419155.1
Plugin Details
Severity: High
ID: 111189
File Name: solaris_jul2018_SRU11_3_32_4_0.nasl
Version: 1.8
Type: local
Family: Solaris Local Security Checks
Published: 7/20/2018
Updated: 8/11/2022
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS v3
Risk Factor: High
Base Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Vulnerability Information
CPE: cpe:/o:oracle:solaris:11.3
Required KB Items: Host/local_checks_enabled, Host/Solaris11/release
Patch Publication Date: 7/17/2018
Vulnerability Publication Date: 7/18/2018
Reference Information
CVE: CVE-2018-2908