Solaris Security Vulnerabilities

CVE-1999-0502

A Unix account has a default, null, blank, or missing...

CVE-1999-0320

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary...

CVE-1999-0795

The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify...

CVE-1999-0296

Solaris volrmmount program allows attackers to read any...

CVE-1999-0125

Buffer overflow in SGI IRIX mailx...

CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of...

CVE-1999-0018

Buffer overflow in statd allows root...

CVE-1999-0210

Automount daemon automountd allows local or remote users to gain privileges via shell...

CVE-1999-0097

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe...

CVE-1999-0185

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command...

CVE-1999-0300

nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+...

CVE-1999-0295

Solaris sysdef command allows local users to read kernel memory, potentially leading to root...

CVE-1999-1225

rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or...

CVE-1999-0024

DNS cache poisoning via BIND, by predictable query...

CVE-1999-0301

Buffer overflow in SunOS/Solaris ps...

CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary...

CVE-1999-1419

Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root...

CVE-1999-1423

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping...

CVE-1999-0189

Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is...

CVE-1999-1191

Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line...

CVE-1999-1402

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that...

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root...

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as...

CVE-1999-0315

Buffer overflow in Solaris fdformat command gives root access to local...

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental...

CVE-1999-0165

NFS cache...

CVE-1999-0109

Buffer overflow in ffbconfig in Solaris...

CVE-1999-0046

Buffer overflow of rlogin program using TERM environmental...

CVE-1999-0369

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root...

CVE-1999-0051

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in...

CVE-1999-1026

aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo...

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include:...

CVE-1999-0132

Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root...

CVE-1999-1413

Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through...

CVE-1999-0135

admintool in Solaris allows a local user to write to arbitrary files and gain root...

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr()...

CVE-1999-0241

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through...

CVE-1999-0099

Buffer overflow in syslog utility allows local or remote attackers to gain root...

CVE-1999-0334

In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root...

CVE-1999-1137

The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a...