CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS
Percentile
100.0%
This Solaris system is missing necessary patches to address a critical security update :
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Oracle CPU for apr2018.
#
include("compat.inc");
if (description)
{
script_id(109176);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/08/11");
script_cve_id("CVE-2017-5753");
script_xref(name:"IAVA", value:"2018-A-0020");
script_name(english:"Oracle Solaris Critical Patch Update : apr2018_SRU11_3_31_6_0 (Spectre)");
script_summary(english:"Check for the apr2018 CPU");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Solaris system is missing a security patch from CPU
apr2018."
);
script_set_attribute(
attribute:"description",
value:
"This Solaris system is missing necessary patches to address a critical
security update :
- Vulnerability in the Oracle Communications LSMS
component of Oracle Communications Applications
(subcomponent: Platform (Kernel)). Supported versions
that are affected are 13.1, 13.2 and 13.3. Difficult to
exploit vulnerability allows low privileged attacker
with logon to the infrastructure where Oracle
Communications LSMS executes to compromise Oracle
Communications LSMS. While the vulnerability is in
Oracle Communications LSMS, attacks may significantly
impact additional products. Successful attacks of this
vulnerability can result in unauthorized access to
critical data or complete access to all Oracle
Communications LSMS accessible data. (CVE-2017-5753)"
);
script_set_attribute(
attribute:"see_also",
value:"https://support.oracle.com/epmos/faces/DocumentDisplay?id=2379155.1"
);
# https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/4422902.xml
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?64303a9a"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.oracle.com/security-alerts/cpuapr2018.html"
);
script_set_attribute(
attribute:"solution",
value:"Install the apr2018 CPU from the Oracle support website."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'CANVAS');
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.3");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/04");
script_set_attribute(attribute:"patch_publication_date", value:"2018/04/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/20");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("solaris.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Solaris11/release");
if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
fix_release = "0.5.11-0.175.3.31.0.6.0";
flag = 0;
if (solaris_check_release(release:"0.5.11-0.175.3.31.0.6.0", sru:"11.3.31.6.0") > 0) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report2());
else security_warning(0);
exit(0);
}
audit(AUDIT_OS_RELEASE_NOT, "Solaris", fix_release, release);
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS
Percentile
100.0%