272 matches found
CVE-2011-0902
CVE-2011-0902 relates to untrusted search path vulnerabilities in the Java Service of Sun Microsystems SunScreen Firewall on SunOS 5.9. The flaw allows local users to execute arbitrary code by manipulating environment variables PATH or LD_LIBRARY_PATH. The provided connected documents reiterate t...
Sun Microsystems SunScreen Firewall - Privilege Escalation
Sun Microsystems SunScreen Firewall - Privilege Escalation / Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Jav...
Sun Microsystems SunScreen Firewall - Privilege Escalation
/ Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java Service contains numerous buffer overruns 2 of which I am...
Sun Microsystems SunScreen Firewall Root Exploit
/ Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java Service contains numerous buffer overruns 2 of which I am...
Sun Microsystems SunScreen Firewall Root Exploit
Exploit for multiple platform in category remote exploits / Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java...
Oracle Critical Patch Update Advisory - October 2010
Oracle Critical Patch Update Advisory - October 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service (CVE-2010-3509)
Title ----- DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service CVE-2010-3509 Severity -------- High Date Discovered --------------- November 3, 2009 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Alex Kaszczuk, Alan Chin, Jose R...
Solaris 9 (x86) : 116553-04
SunOS 5.9x86: su Patch. Date this patch was last updated by Sun : Oct/06/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Sun Java Runtime Environment JPEGImageReader Heap Overflow
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java...
ToolTalk rpc.ttdbserverd Database Parser Heap Overflow (CVE-2010-0083)
ToolTalk is a communications system developed by Sun Microsystems in order to allow applications to communicate with each other at runtime. A heap overflow vulnerability has been discovered in the ToolTalk database server. The vulnerability is located within a function of the ToolTalk database...
Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow (CVE-2008-5354)
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java...
Sun Solaris 10 filesystem rm(1),find(1),etc Denial Of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sun Solaris 10 filesystem rm1,find1,etc, Denial-of-service Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 17.04.2010 - - Pub.: 21.05.2010 Affected Software: - - Sun Solaris 10 10/09 Original URL:...
Adobe Download Manager getPlus ActiveX Control Buffer Overflow (APSB10-02; CVE-2009-3958)
Adobe Download Manager DLM is a small application that is used to deliver Adobe products over the Internet. It contains licensed technology from NOS Microsystems called "getPlus" to support the transfer of information between Adobe.com and a connected user. A stack buffer overflow vulnerability...
Sun Java System Web Server WEBDAV Stack Buffer Overflow (CVE-2010-0361)
Sun Microsystems' Java System Web Server is a high performance web server for medium to large business applications. It is available for all major platforms and supports Java, PHP, CGI and ColdFusion technologies. A stack buffer overflow vulnerability exists in Sun Java System Web Server. The...
ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-073 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server...
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-074 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server -...
ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-075 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server --...
Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
This vulnerability allows attackers to deny services on vulnerable installations of Sun Microsystems Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within Sun Directory Server's DSML-over-HTTP implementation and can be triggered via an HTT...
Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
This vulnerability allows attackers to deny services on vulnerable installations of Sun Microsystems Directory Service Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within Sun Directory Server's DSML-over-HTTP implementation and can be triggered v...
Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Directory Service Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within Sun Directory Server's LDAP implementation and can be triggered vi...