CVE-2007-5462 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Solaris

Configuration 1 [-]

OR	cpe:2.3:o:sun:solaris:8.0::sparc:::::
	cpe:2.3:o:sun:solaris:8.0::x86:::::
	cpe:2.3:o:sun:solaris:9.0::sparc:::::
	cpe:2.3:o:sun:solaris:9.0::x86:::::
	cpe:2.3:o:sun:solaris:10.0::sparc:::::
	cpe:2.3:o:sun:solaris:10.0::x86:::::

No data.

References

Link	Providers
http://osvdb.org/40814
http://secunia.com/advisories/27183
http://secunia.com/advisories/27386
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103082-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200590-1
http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm
http://www.securityfocus.com/bid/26071
http://www.securitytracker.com/id?1018818
http://www.vupen.com/english/advisories/2007/3490
https://exchange.xforce.ibmcloud.com/vulnerabilities/37194
https://exchange.xforce.ibmcloud.com/vulnerabilities/37195

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-15T22:00:00

Updated: 2024-08-07T15:31:58.311Z

Reserved: 2007-10-15T00:00:00

Link: CVE-2007-5462

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-10-15T22:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-5462

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "solaris-rpc-services-dos(37194)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37194"}, {"name": "103082", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103082-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm"}, {"name": "ADV-2007-3490", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3490"}, {"name": "40814", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/40814"}, {"name": "200590", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200590-1"}, {"name": "1018818", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018818"}, {"name": "solaris-mountd-dos(37195)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37195"}, {"name": "27386", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27386"}, {"name": "27183", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27183"}, {"name": "26071", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26071"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5462", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "solaris-rpc-services-dos(37194)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37194"}, {"name": "103082", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103082-1"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm"}, {"name": "ADV-2007-3490", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3490"}, {"name": "40814", "refsource": "OSVDB", "url": "http://osvdb.org/40814"}, {"name": "200590", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200590-1"}, {"name": "1018818", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018818"}, {"name": "solaris-mountd-dos(37195)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37195"}, {"name": "27386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27386"}, {"name": "27183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27183"}, {"name": "26071", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26071"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:31:58.311Z"}, "title": "CVE Program Container", "references": [{"name": "solaris-rpc-services-dos(37194)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37194"}, {"name": "103082", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103082-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm"}, {"name": "ADV-2007-3490", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3490"}, {"name": "40814", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/40814"}, {"name": "200590", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200590-1"}, {"name": "1018818", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018818"}, {"name": "solaris-mountd-dos(37195)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37195"}, {"name": "27386", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27386"}, {"name": "27183", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27183"}, {"name": "26071", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26071"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5462", "datePublished": "2007-10-15T22:00:00", "dateReserved": "2007-10-15T00:00:00", "dateUpdated": "2024-08-07T15:31:58.311Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "32CF7469-6D2F-4E34-8013-7F0D3433D0B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la biblioteca de servicios RPC Sun Solaris (librpcsvc) en Solaris 8 hasta 10 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de mountd) mediante paquetes no especificados a un servidor que exporta m\u00faltiples sistemas de ficheros, y permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda de automountd) mediante peticiones no especificadas para montar sistemas de ficheros desde un servidor que exporta m\u00faltiples sistemas de ficheros."}], "id": "CVE-2007-5462", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-15T22:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/40814"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27183"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27386"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103082-1"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200590-1"}, {"source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26071"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018818"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/3490"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37194"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37195"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/40814"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27183"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103082-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200590-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-437.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26071"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018818"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3490"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37194"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37195"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}