high
7.1
CWE
Advisory Published
Updated

CVE-2008-3666

First published: Wed Aug 13 2008(Updated: )

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Solaris=snv_36
Solaris=snv_30
Solaris=snv_70
Solaris=snv_33
Solaris=snv_14
Solaris=snv_89-x86
Solaris=snv_93-sparc
Solaris=snv_85
Solaris=snv_01
Solaris=snv_57
Solaris=snv_67
Solaris=snv_87
Solaris=snv_26
Solaris=snv_50
Solaris=snv_12
Solaris=snv_57
Solaris=snv_80
Solaris=snv_47
Solaris=snv_73
Solaris=snv_32
Solaris=snv_90-sparc
Solaris=snv_70
Solaris=snv_34
Solaris=snv_72
Solaris=snv_67
Solaris=snv_30
Solaris=snv_87
Solaris=snv_08
Solaris=snv_01
Solaris=snv_85
Solaris=snv_77
Solaris=snv_66
Solaris=snv_75
Solaris=snv_81
Solaris=snv_25
Solaris=snv_18
Solaris=snv_53
Solaris=snv_41
Solaris=snv_74
Solaris=snv_11
Solaris=snv_07
Solaris=snv_66
Solaris=snv_86
Solaris=snv_21
Solaris=snv_27
Solaris=snv_39
Solaris=snv_51
Solaris=snv_45
Solaris=snv_23
Solaris=snv_80
Solaris=snv_13
Solaris=snv_46
Solaris=snv_52
Solaris=snv_52
Solaris=snv_68
Solaris=snv_07
Solaris=snv_82
Solaris=snv_55
Solaris=snv_72
Solaris=snv_24
Solaris=snv_41
Solaris=snv_31
Solaris=snv_05
Solaris=snv_07
Solaris=snv_56
Solaris=snv_20
Solaris=snv_43
Solaris=snv_39
Solaris=snv_50
Solaris=snv_04
Solaris=snv_83
Solaris=snv_54
Solaris=snv_76
Solaris=snv_31
Solaris=snv_88-sparc
Solaris=snv_33
Solaris=snv_58
Solaris=snv_05
Solaris=snv_54
Solaris=snv_94-sparc
Solaris=snv_40
Solaris=snv_84
Solaris=snv_65
Solaris=snv_92-x86
Solaris=snv_26
Solaris=snv_17
Solaris=snv_49
Solaris=snv_87
Solaris=snv_94
Solaris=snv_09
Solaris=snv_65
Solaris=snv_17
Solaris=snv_86
Solaris=snv_05
Solaris=snv_06
Solaris=snv_62
Solaris=snv_37
Solaris=snv_15
Solaris=snv_48
Solaris=snv_71
Solaris=snv_22
Solaris=snv_04
Solaris=snv_93-x86
Solaris=snv_35
Solaris=snv_13
Solaris=snv_09
Solaris=snv_64
Solaris=snv_34
Solaris=snv_42
Solaris=snv_77
Solaris=snv_69
Solaris=snv_66
Solaris=snv_61
Solaris=snv_79
Solaris=snv_90-x86
Solaris<=snv_95
Solaris=snv_44
Solaris=snv_42
Solaris=snv_44
Solaris=snv_38
Solaris=snv_73
Solaris=snv_61
Solaris=snv_36
Solaris=snv_29
Solaris=snv_59
Oracle Solaris SPARC=10
Solaris=snv_10
Solaris=snv_35
Solaris=snv_70
Solaris=snv_38
Solaris=snv_45
Solaris=snv_28
Solaris=snv_78
Solaris=snv_08
Solaris=snv_56
Solaris=snv_11
Solaris=snv_10
Solaris=snv_43
Solaris=snv_48
Solaris=snv_59
Solaris=snv_28
Solaris=snv_74
Solaris=snv_48
Solaris=snv_01
Solaris=snv_25
Solaris=snv_16
Solaris=snv_19
Solaris=snv_25
Solaris=snv_18
Solaris=snv_51
Solaris=snv_26
Solaris=snv_10
Solaris=snv_79
Solaris=snv_63
Sun SunOS=5.10
Solaris=snv_83
Solaris=snv_16
Solaris=snv_82
Solaris=snv_88
Solaris=snv_12
Solaris=snv_78
Solaris=snv_81
Solaris=snv_37
Solaris=snv_40
Solaris=snv_50
Solaris=snv_19
Solaris=snv_86
Solaris=snv_27
Solaris=snv_45
Solaris=snv_13
Solaris=snv_06
Solaris=snv_02
Solaris=snv_06
Solaris=snv_32
Solaris=snv_85
Solaris=snv_52
Solaris=snv_22
Solaris=snv_16
Solaris=snv_80
Solaris=snv_59
Solaris=snv_69
Solaris=snv_91
Solaris=snv_68
Solaris=snv_77
Solaris=snv_67
Solaris=snv_46
Solaris=snv_71
Solaris=snv_64
Solaris=snv_34
Solaris=snv_63
Solaris=snv_20
Solaris=snv_49
Solaris=snv_82
Solaris=snv_39
Solaris=snv_02
Solaris=snv_14
Solaris=snv_78
Solaris=snv_57
Solaris=snv_60
Solaris=snv_03
Solaris=snv_21
Solaris=snv_92
Solaris=snv_75
Solaris=snv_71
Solaris=snv_64
Solaris=snv_81
Solaris=snv_46
Solaris=snv_19
Solaris=snv_76
Solaris=snv_15
Solaris=snv_21
Solaris=snv_91-sparc
Solaris=snv_47
Solaris=snv_60
Solaris=snv_20
Solaris<=snv_95
Solaris=snv_72
Solaris=snv_93
Solaris=snv_29
Solaris=snv_49
Solaris=snv_58
Solaris=snv_55
Solaris=snv_23
Solaris=snv_40
Solaris=snv_73
Solaris=snv_37
Solaris=snv_15
Solaris=snv_02
Solaris=snv_69
Solaris=snv_84
Solaris=snv_36
Solaris=snv_43
Solaris=snv_44
Solaris=snv_60
Solaris=snv_92-sparc
Solaris=snv_08
Solaris=snv_03
Solaris=snv_11
Solaris=snv_63
Solaris=snv_24
Solaris=snv_04
Solaris=snv_61
Solaris=snv_55
Solaris=snv_53
Solaris=snv_58
Solaris=snv_62
Solaris=snv_94-x86
Solaris=snv_83
Solaris=snv_90
Solaris=snv_65
Solaris=snv_68
Solaris=snv_28
Solaris=snv_24
Solaris=snv_88-x86
Solaris=snv_31
Solaris=snv_53
Solaris=snv_27
Solaris=snv_32
Solaris=snv_79
Solaris=snv_75
Solaris=snv_56
Solaris=snv_09
Solaris=snv_42
Solaris=snv_74
Solaris=snv_91-x86
Solaris=snv_89-sparc
Solaris=snv_18
Solaris=snv_41
Solaris=snv_33
Oracle Solaris SPARC=10
Solaris=snv_47
Solaris=snv_30
Solaris=snv_84
Solaris=snv_14
Solaris=snv_35
Solaris=snv_17
Solaris=snv_22
Solaris=snv_76
Solaris=snv_54
Solaris=snv_23
Solaris=snv_62
Solaris=snv_12
Solaris=snv_89
Solaris=snv_38
Solaris=snv_03
Solaris<=snv_95
Solaris=snv_51
Solaris=snv_29

Remedy

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239186-1

Remedy

http://www.securityfocus.com/bid/30654

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2008-3666?

    CVE-2008-3666 has a severity level that can lead to denial of service (panic) in affected systems.

  • Which systems are affected by CVE-2008-3666?

    CVE-2008-3666 affects Sun Solaris 10 and OpenSolaris versions prior to snv_96, including multiple specific versions.

  • How do I fix CVE-2008-3666?

    To address CVE-2008-3666, updating to a patched version of Solaris or OpenSolaris that resolves the issue is recommended.

  • What type of attacks can exploit CVE-2008-3666?

    CVE-2008-3666 can be exploited by context-dependent attackers through the creation of crafted files and using the sendfilev system call.

  • What are the potential consequences of CVE-2008-3666?

    Exploitation of CVE-2008-3666 can result in a denial of service, causing the affected system to panic.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203