113 matches found
CVE-2008-5133
The connected CVE-2008-5133 entry describes Solaris SunOS/OpenSolaris ipnat/IPFilter behavior: on NAT-enabled DNS servers, it improperly alters the source port of a packet when the destination port is DNS, allowing remote attackers to spoof DNS responses and bypass the CVE-2008-1447 protection me...
CVE-2009-0873
CVE-2009-0873 affects Sun Solaris 10 and OpenSolaris before snv_106, where the NFS daemon (nfsd) under NFSv3 mishandles combinations of security modes, allowing remote attackers to bypass access controls and read or modify protected files by abusing incompatible sec=sys and sec=krb5 configuration...
CVE-2007-5365
CVE-2007-5365 : OpenBSD 4.0–4.2 dhcpd and similar ISC dhcp-2 based implementations suffer a stack-based buffer overflow in cons_options (options.c) that can allow remote attackers to execute code or cause daemon crashes by sending a DHCP request with a max message size smaller than the minimum IP...
CVE-2016-1349
The CVE-2016-1349 vulnerability affects Cisco IOS (12.2, 15.0, 15.2) and IOS XE (3.2–3.7) where the Smart Install client mishandles image list parameters in Smart Install packets. An unauthenticated, remote attacker can send crafted packets (to TCP 4786), potentially causing a denial-of-service v...
CVE-2016-1344
CVE-2016-1344 affects Cisco IOS and IOS XE when IKEv2 fragmentation is enabled. The flaw in the IKEv2 fragmentation handling allows unauthenticated remote attackers to cause a device reload via crafted fragmented UDP packets, potentially impacting affected Cisco devices running IOS 15.0–15.6 and ...
CVE-2008-5684
CVE-2008-5684 affects Sun Solaris 8–10 and OpenSolaris before snv_85 due to a libICE issue; allows context-dependent denial of service, shown by a port-scan-triggered segmentation fault in gnome-session. Connected docs reference Xsun/X11 patches for Solaris 10, but explicit libICE remediation det...
CVE-2016-1310
CVE-2016-1310 refers to a Cross-Site Scripting (XSS) vulnerability in Cisco Unity Connection Web Framework affecting version 11.5(0.199) . The issue arises from insufficient input validation, enabling remote attackers to inject arbitrary web script or HTML via a crafted URL. Exploitation is possi...
CVE-2010-0453
CVE-2010-0453 affects Sun Solaris 10/OpenSolaris (snv_69–snv_133) on x86, where the ucode_ioctl function in intel/io/ucode_drv.c is vulnerable. A 0-size UCODE_GET_VERSION IOCTL request can trigger a NULL pointer dereference in ucode_get_rev, causing a kernel panic/denial of service. The issue is ...
CVE-2009-0132
CVE-2009-0132 describes an integer overflow in the aio_suspend function in Sun Solaris 8–10 and OpenSolaris when 32‑bit mode is enabled, enabling local denial of service (panic). The issue affects Solaris 9/10 variants (sparc/x86) and OpenSolaris. Concrete details from connected documents show pa...
CVE-2009-0304
The CVE-2009-0304 issue affects Sun Solaris 10/11 snv_101b and OpenSolaris before snv_108, where the kernel improperly handles IPv6 packets via SunOSipv6.c, allowing remote attackers to cause a denial of service (system crash). The root cause is insufficient validation in IPv6 packet processing. ...
CVE-2009-2952
The CVE-2009-2952 issue affects Solaris 10 and OpenSolaris prior to snv_51, where the pollwakeup function is vulnerable. The description indicates an unspecified vulnerability that allows local users to trigger a denial of service (panic). Public technical details in the provided documents are li...
CVE-2009-1478
CVE-2009-1478 affects Sun Solaris 10 (x86 and SPARC) and OpenSolaris prior to snv_114, due to multiple unspecified vulnerabilities in the DTrace ioctl handlers that can cause a local denial of service (panic). Nessus/OpenVAS entries describe patch-based mitigations: Solaris 10 patch 141766-01 (x8...
CVE-2009-2711
CVE-2009-2711 details an XScreenSaver vulnerability in Sun Solaris 9/10 and related X11 servers (Solaris 8/9/10, OpenSolaris) where popup windows can be read by a physically proximate attacker even when the screen is locked (different from CVE-2009-1276). Connected sources show Solaris patch upda...
CVE-2009-3899
CVE-2009-3899: Memory leak in the Sockets Direct Protocol (SDP) driver affects Solaris 10 and OpenSolaris snv_57–snv_94, enabling remote attackers to trigger a denial of service via memory consumption. The connected documents do not specify a patch/workaround.
CVE-2009-0319
CVE-2009-0319 affects Sun Solaris autofs kernel module (Solaris 8–10) and OpenSolaris before snv_108. Root cause cited as xdr processing problems in autofs. Impact scope: local user can cause autofs mount outage (DoS) and possibly gain privileges. Affected components: autofs in the kernel; vulner...
CVE-2008-0964
The CVE-2008-0964 issue affects SunOS/Solaris snoop for several Solaris releases. The root cause is a stack-based buffer overflow in snoop when handling SMB traffic with the -o option omitted, enabling remote code execution. Concrete fixes are available via Solaris patch updates: 108964-11 (Solar...
CVE-2008-5661
The CVE-2008-5661 issue affects Sun Solaris 10 and OpenSolaris (snv_47 through snv_82) where the IPv4 Forwarding feature can trigger a NULL pointer dereference via remote input, causing a denial of service (panic). The vulnerability is reported with patches installed on affected builds; the exact...
CVE-2009-0268
CVE-2009-0268 describes a race condition in the pty driver (ptc/ptsl) affecting Sun Solaris 8–10 and OpenSolaris before snv_103, leading to a denial of service (panic) via unsequenced code. Public details in connected documents confirm fixes via Solaris patches: 140383-01 (SPARC) and 140384-01 (x...
CVE-2009-0926
Sun OpenSolaris (OpenSolaris SNV 86–91) on x86 in 32‑bit mode contains an unspecified vulnerability in the UFS filesystem routines ufs_getpage() and ufs_putapage(), leading to local users potentially causing a system hang/panic. The issue is tied to CR 6679732 and affects 32‑bit UFS write paths; ...
CVE-2009-1276
Summary of CVE-2009-1276 with connected data: XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8/9 with GNOME 2.x, can leak sensitive information by letting a physically proximate attacker read popup windows that appear even when the screen is locked (e.g., Thunderbird n...
CVE-2009-2296
CVE-2009-2296 affects Sun Solaris 10 and OpenSolaris prior to snv_119 where the NFSv4 server kernel module mishandles the nfs_portmon setting. This allows remote attackers to access shares and read, create, and modify arbitrary files via unspecified vectors. Remediation is through Solaris patches...
CVE-2009-2486
CVE-2009-2486: Unspecified vulnerability in the SCTP implementation affects Sun Solaris 10 and OpenSolaris prior to snv_120, allowing remote denial of service (panic) via unspecified packets. Affected component is SCTP in these OS releases. Root cause details are not provided in the documents; no...
CVE-2009-3100
CVE-2009-3100 affects xscreensaver (Gnome-XScreenSaver) on Solaris 9/10, OpenSolaris snv_109–snv_122, and X11 6.4.1 on Solaris 8. The vulnerability stems from improper handling of Accessibility support, enabling a local user to cause a denial of service (system hang) by locking the screen and the...
CVE-2016-1350
CVE-2016-1350 affects Cisco IOS (versions 15.3–15.4), Cisco IOS XE (3.8–3.11), and Cisco Unified Communications Manager. The issue is a memory-leak/DoS in the SIP gateway caused by improper processing of malformed SIP messages, leading to remote attackers potentially triggering a device reload. T...
CVE-2009-2912
CVE-2009-2912 concerns Sun Solaris 8–10 and OpenSolaris (pre-sn v_110) where the sendfile and sendfilev kernel routines can trigger a local denial-of-service (panic) via vnode-related calls. The NVD notes a CVSS v2 base score of 4.9 (AV:L, AC:L, Au:N, I:N, A:C) with local access and no authentica...
CVE-2010-0559
The CVE-2010-0559 entry concerns Oracle OpenSolaris SNV releases snv_91 through snv_131. The vulnerability arises from the default configuration, allowing an attacker to achieve an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain. The connected doc...
CVE-2008-5689
CVE-2008-5689 affects Solaris 10/OpenSolaris (SNV 01–SNV 76) via the tun/tunnel SIOCGTUNPARAM IOCTL. The underlying issue is a NULL pointer dereference triggered by a crafted IOCTL, allowing local users to cause a denial of service (panic) and potentially execute arbitrary code. Affected componen...
CVE-2008-5908
CVE-2008-5908 concerns an unspecified vulnerability in the root/boot archive tool of Sun OpenSolaris, tied to a “Temporary file vulnerability” (Bug ID 6653455). Available sources indicate unknown impact and local attack vectors, with no concrete exploit details provided in the connected documents...
CVE-2009-0923
The CVE-2009-0923 entry affects Solaris 10 and OpenSolaris (SNV builds 01–110) in Kerberos Incremental Propagation. It describes a remote DoS against slave KDC servers caused by issues in the master KDC, with unknown vectors. No remediation details are provided in the supplied documents; CVSSv2 b...
CVE-2009-1207
CVE-2009-1207 describes a race condition in Solaris dircmp that could allow local users to overwrite arbitrary files via a symlink-based temporary-file attack. Connected documents confirm Solaris 10 (x86) and Solaris 10 (sparc) patches addressing this issue: 141015-01 for x86 and 141014-01 for SP...
CVE-2009-2297
The CVE-2009-2297 entry concerns an unspecified vulnerability in the UDP subsystem of the Solaris/OpenSolaris kernel when Trusted Extensions is enabled. The issue is triggered by a regression in earlier kernel patches that affects the crgetlabel path, leading to a remote denial-of-service (panic)...
CVE-2009-2430
CVE-2009-2430 affects Sun Solaris 8, 9, 10 and OpenSolaris snv_01–snv_58 when Solaris Auditing is enabled. The vulnerability, described as an unspecified local privilege escalation in auditconfig exploitable by RBAC-enabled users, uses unknown attack vectors. Connected sources reference Solaris a...
CVE-2009-3390
Affected software: Sun Solaris 10 and OpenSolaris (snv_28 through snv_109). Vulnerable components: iscsiadm and iscsitadm utilities, with root cause related to the libima library. Impact: local users with certain RBAC execution profiles can gain privileges via unspecified vectors. Context: exploi...
CVE-2009-3432
CVE-2009-3432 affects Sun Solaris 10 and OpenSolaris (pre-sn v112) when using Xorg/Xnewt with RandR enabled. A vulnerability in xscreensaver could allow physically proximate attackers to read a locked screen via XRandR resize events. Affected patches are SunXScreensaver patches: Solaris 10 patche...
CVE-2009-4774
Summary: CVE-2009-4774 affects Sun Solaris 10 and OpenSolaris snv_49–snv_117 when running in 64-bit mode on x86 with a Linux (lx) branded zone, enabling local users to trigger a denial of service (panic) via unspecified vectors. The issue is related to a prior CVE-2007-6225 family and is document...
CVE-2015-6313
Cisco TelePresence Server devices running 4.1(2.29)–4.2(4.17) on 7010, MSE 8710, Multiparty Media 310/320/820, and VM devices are affected by CVE-2015-6313 due to a denial-of-service in the HTTP parsing engine when processing crafted URLs. An unauthenticated remote attacker can cause memory exhau...
CVE-2016-1291
CVE-2016-1291 affects Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco EPNM 1.2. The vulnerability stems from insecure deserialization of data in HTTP POST requests, enabling remote attackers to execute arbitrary code on affected systems. Impact is described as remote code execution with...
CVE-2016-1348
Summary of the CVE-2016-1348 issue : Cisco IOS and IOS XE DHCPv6 Relay Denial of Service vulnerability arises from insufficient validation of DHCPv6 relay messages. An unauthenticated, remote attacker can trigger a device reload, leading to a DoS condition. Affected software includes Cisco IOS 15...
CVE-2008-5010
CVE-2008-5010 affects Sun Solaris 8–10 DHCP server (in.dhcpd) and OpenSolaris prior to snv_103. The issue allows a remote attacker to trigger a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the “number of offers” (Bug ID 6713805). The vulnerability is ...
CVE-2008-7300
CVE-2008-7300 describes a vulnerability in the labeled networking implementation of Solaris Trusted Extensions on Sun Solaris 10 and OpenSolaris (snv_39 through snv_67). When a labeled zone is in the installed state, remote authenticated users can bypass Mandatory Access Control (MAC) and gain ac...
CVE-2008-3426
Affected product: Sun Solaris/OpenSolaris PICLD (Platform Information and Control Library daemon) running on Solaris 8–10 and OpenSolaris builds snv_01–snv_95. Vulnerable component: picld; impact: local users can cause a denial of service that affects utilities like prtdiag, prtpicl, and prtfru. ...
CVE-2009-0874
CVE-2009-0874 concerns multiple unspecified vulnerabilities in the Doors subsystem of the kernel on Solaris 8–10 and OpenSolaris before snv_94. The flaws enable local users to cause a denial of service (process hang) and, potentially, bypass file permissions or gain kernel-context privileges. Doc...
CVE-2009-0924
CVE-2009-0924 affects Sun OpenSolaris (snv_39–snv_45) on x86 in 64-bit mode, enabling local users to hang the UFS filesystem write via ufs_getpage/ufs_putapage routines (CR 6442712). Related notes for Solaris 10/OpenSolaris variants indicate OS-level UFS denial of service; stack traces in Seebug ...
CVE-2009-0925
CVE-2009-0925 affects Sun Solaris 10 on SPARC sun4v and OpenSolaris snv_47–snv_85. Local non-privileged users can cause a denial-of-service by hanging the UFS filesystem write via the ufs_getpage/ufs_putapage paths (CR 6425723). Related CRs (6442712) affect 64-bit x86 OpenSolaris snv_39–snv_45; 6...
CVE-2010-0271
Affected software : Sun OpenSolaris hald (SNV_51 to SNV_130). Vulnerability details : The hald process does not have the proc_audit privilege during unspecified attempts to write to the auditing log, enabling an attacker in physical proximity to evade detection of changes to the set of Hardware A...
CVE-2015-6319
CVE-2015-6319 affects Cisco RV220W devices. A vulnerability in the web-based management interface arises from insufficient input validation of HTTP request headers, allowing remote attackers to submit crafted SQL statements that are processed by the device’s database. The result is an SQL injecti...
CVE-2016-1302
CVE-2016-1302 affects Cisco APIC devices and Nexus 9000 ACI Mode switches. A flaw in the RBAC eligibility logic allows remote authenticated users to bypass intended privileges by sending crafted REST requests, enabling unauthorized configuration changes (Bug CSCut12998). Affected versions: APIC s...
CVE-2016-1331
CVE-2016-1331 concerns multiple XSS vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5). The issue affects the web interface/web framework code, where insufficient input validation in some parameters allows remote attackers to inject arbitrary web script or HTML. Impact is remote script ...
CVE-2008-2710
CVE-2008-2710 affects Sun Solaris 10 and OpenSolaris prior to SNV_92. The kernel component involved is ip_set_srcfilter in uts/common/inet/ip/ip_multi.c, where a signedness issue can trigger an out-of-bounds write via an SIOCSIPMSFILTER IOCTL with a large imsf->imsf_numsrc, enabling local user...
CVE-2009-0267
CVE-2009-0267 affects Sun Solaris 9/10 and OpenSolaris before SNV_100, where libike.so.1 improperly validates IKE packets, enabling a remote DoS leading to in.iked daemon crash. The issue is documented in multiple sources and is addressed by Solaris patch updates: 140414-01 for Solaris 10 x86 and...