Vulnerability Details : CVE-2009-2187
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.
Vulnerability category: Denial of service
Products affected by CVE-2009-2187
- cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_68:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_72:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_75:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_78:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_76:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_82:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_67:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_70:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_74:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_83:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_79:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_87:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_72:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_85:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_77:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_87:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_88:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_93:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_84:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_77:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_81:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_86:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_71:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_67:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_69:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_78:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_83:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_82:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_89:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_68:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_73:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_75:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_80:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_76:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_91:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_90:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_71:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_73:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_69:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_85:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_80:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_70:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_74:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_84:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_79:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_81:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_86:*:x86:*:*:*:*:*
- cpe:2.3:o:sun:opensolaris:snv_92:*:x86:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-2187
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2187
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2009-2187
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-2187
-
http://bugs.opensolaris.org/view_bug.do?bug_id=6731600
Exploit
-
http://www.securityfocus.com/bid/35474
Patch
-
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262408-1
Patch;Vendor Advisory
-
http://bugs.opensolaris.org/view_bug.do?bug_id=6709252
-
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141414-01-1
Patch
Jump to