Skip to content
Medium Published: Jul 01, 2009 Modified: Apr 09, 2025

CVE-2009-2282

4.6 CVSS Score Medium
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Export CVE-2009-2282 Data:
Share:
Link copied!

Description

The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors.

CVSS Vector Details

Attack Vector Local
Attack Complexity Low
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • o oracle opensolaris * * * * * * sparc *
  • o oracle solaris 10 * * * * * sparc *

Weaknesses (CWE)

  • CWE-862

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2005-3623 CVSS 0 Same weakness: CWE-862 CVE-2006-4483 CVSS 0 Same weakness: CWE-862 CVE-2008-6548 CVSS 0 Same weakness: CWE-862 CVE-2009-3168 CVSS 7.2 Same weakness: CWE-862 CVE-2009-3781 CVSS 0 Same weakness: CWE-862

CVE History Timeline

Jul 01, 2009 14:10 Initial Analysis
Jan 26, 2024 17:53 Reanalysis
May 14, 2024 02:08 CVE Modified
Nov 21, 2024 01:04 CVE Modified
← Back to CVE Tracker