Lucene search
HistoryApr 19, 2011 - 7:55 p.m.
CVE-2011-0412
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.001
Percentile
25.7%
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
Affected configurations
Node
sunsunosMatch5.8
ORsunsunosMatch5.9
ORsunsunosMatch5.10
Related
prion
prion
Default credentials
2011-04-19 19:55:00
cert
cert
Oracle Solaris 10 password hashes leaked through back-out patch files
2011-04-05 00:00:00
cvelist
cvelist
CVE-2011-0412
2011-04-19 19:00:00
nessus
nessus
Solaris 8 (x86) : 110935-28
2004-07-12 00:00:00
Solaris 8 (sparc) : 110934-28
2004-07-12 00:00:00
Solaris 10 (x86) : 119255-92
2018-03-12 00:00:00
seebug
seebug
Oracle Solaris 10εζ»θ‘₯δΈζδ»Άε―η εεΈζ³ι²ζΌζ΄
2011-04-08 00:00:00
cve
cve
CVE-2011-0412
2011-04-19 19:55:01
securityvulns
securityvulns
oracle
oracle
cpuapr2011
2011-04-19 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.001
Percentile
25.7%
Related for NVD:CVE-2011-0412