Lucene search
MitreCVE-2004-2306HistoryAug 16, 2005 - 4:00 a.m.
CVE-2004-2306
2005-08-1604:00:00
mitre
web.nvd.nist.gov
28
cve-2004-2306
sun solaris
bsm
security hardening
sunwscpu
audit_warn
mail alerts
escape detection
nvd
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
26.5%
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.
Affected configurations
Node
sunsolarisMatch7.0x86
ORsunsolarisMatch8.0x86
ORsunsolarisMatch9.0sparc
ORsunsolarisMatch9.0x86
ORsunsunosMatch5.7
ORsunsunosMatch5.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sun | solaris | 7.0 | cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:* |
| sun | solaris | 8.0 | cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:* |
| sun | solaris | 9.0 | cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:* |
| sun | solaris | 9.0 | cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:* |
| sun | sunos | 5.7 | cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:* |
| sun | sunos | 5.8 | cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:* |
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
26.5%
Related for CVE-2004-2306