CVE-2007-6180

Published: Nov 30, 2007Modified: Apr 23, 2026

7.6

Vector

AV:A/AC:M/Au:N/C:P/I:C/A:C

Exploitability: 5.5 / Impact: 9.5

Source: NVD

Description

Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors.

Affected (6)

Products: Sun: Solaris

Sun

1 product

Solaris

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Sun Solaris	Version 10.0
Sun Solaris	Version 10.0
Sun Solaris	Version 8.0
Sun Solaris	Version 8.0
Sun Solaris	Version 9.0
Sun Solaris	Version 9.0

Related CWEs

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (20)

http://osvdb.org/40821

Source: cve@mitre.org

http://secunia.com/advisories/27831

Source: cve@mitre.org

http://secunia.com/advisories/28057

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103083-1

Source: cve@mitre.org

ExploitPatch

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200661-1

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2007-508.htm

Source: cve@mitre.org

http://www.securityfocus.com/bid/26627

Source: cve@mitre.org

http://www.securitytracker.com/id?1019011

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/4035

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/38718

Source: cve@mitre.org

http://osvdb.org/40821