233 matches found
Path traversal
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified 1 PATH or 2 LDLIBRARYPATH environment variable...
CVE-2011-0902
CVE-2011-0902 relates to untrusted search path vulnerabilities in the Java Service of Sun Microsystems SunScreen Firewall on SunOS 5.9. The flaw allows local users to execute arbitrary code by manipulating environment variables PATH or LD_LIBRARY_PATH. The provided connected documents reiterate t...
CVE-2011-0902
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified 1 PATH or 2 LDLIBRARYPATH environment variable...
Sun Microsystems SunScreen Firewall - Privilege Escalation
/ Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java Service contains numerous buffer overruns 2 of which I am...
Sun Microsystems SunScreen Firewall - Privilege Escalation
Sun Microsystems SunScreen Firewall - Privilege Escalation / Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Jav...
Sun Microsystems SunScreen Firewall Root Exploit
/ Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java Service contains numerous buffer overruns 2 of which I am...
Sun Microsystems SunScreen Firewall Root Exploit
Exploit for multiple platform in category remote exploits / Sun Microsystems SunScreen Firewall Root Exploit discovered & exploited by Kingcope January 2011 The SunScreen Firewall can be administrated remotely via a java protocol service which is running on port 3858 on a SunOS machine. This Java...
DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service (CVE-2010-3509)
Title ----- DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service CVE-2010-3509 Severity -------- High Date Discovered --------------- November 3, 2009 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Alex Kaszczuk, Alan Chin, Jose R...
Oracle Critical Patch Update Advisory - October 2010
Oracle Critical Patch Update Advisory - October 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
Solaris 9 (x86) : 116553-04
SunOS 5.9x86: su Patch. Date this patch was last updated by Sun : Oct/06/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Sun Java Runtime Environment JPEGImageReader Heap Overflow
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java...
ToolTalk rpc.ttdbserverd Database Parser Heap Overflow (CVE-2010-0083)
ToolTalk is a communications system developed by Sun Microsystems in order to allow applications to communicate with each other at runtime. A heap overflow vulnerability has been discovered in the ToolTalk database server. The vulnerability is located within a function of the ToolTalk database...
Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow (CVE-2008-5354)
Java Technology is a programing platform developed by Sun Microsystems which aims to provide a system for developing and deploying cross-platform applications. Java is used in a wide variety programs that are deployed on personal computers as well as embedded devices and cell phones. Java...
Sun Solaris 10 filesystem rm(1),find(1),etc Denial Of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sun Solaris 10 filesystem rm1,find1,etc, Denial-of-service Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 17.04.2010 - - Pub.: 21.05.2010 Affected Software: - - Sun Solaris 10 10/09 Original URL:...
Sun Java System Web Server WEBDAV Stack Buffer Overflow (CVE-2010-0361)
Sun Microsystems' Java System Web Server is a high performance web server for medium to large business applications. It is available for all major platforms and supports Java, PHP, CGI and ColdFusion technologies. A stack buffer overflow vulnerability exists in Sun Java System Web Server. The...
ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-075 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server --...
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-074 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server -...
ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-073 April 13, 2010 -- CVE ID: CVE-2010-0897 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Directory Server...
Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
This vulnerability allows attackers to deny services on vulnerable installations of Sun Microsystems Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within Sun Directory Server's DSML-over-HTTP implementation and can be triggered via an HTT...
Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
This vulnerability allows attackers to deny services on vulnerable installations of Sun Microsystems Directory Service Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within Sun Directory Server's DSML-over-HTTP implementation and can be triggered v...