Lucene search
K
SunRay Server Software

15 matches found

CVE
CVE
added 2008/12/11 3:0 p.m.65 views

CVE-2008-5422

CVE-2008-5422 concerns Sun Sun Ray Server Software 3.1–4.0, where access is not properly restricted, enabling remote attackers to discover the Sun Ray administrator password and gain admin access to the Data Store and Administration GUI via unspecified vectors. Affected products include Sun Ray C...

7.5CVSS6.7AI score0.02583EPSS
CVE
CVE
added 2007/01/25 12:0 a.m.64 views

CVE-2007-0482

The CVE-2007-0482 entry concerns Sun Ray Server Software 2.0 and 3.0 prior to 20070123, where local users could obtain the utadmin password by reading the web server log or via an unspecified local attack. The vulnerability is characterized as a local, low-complexity issue with partial confidenti...

4.6CVSS6.3AI score0.00347EPSS
CVE
CVE
added 2008/12/11 3:0 p.m.62 views

CVE-2008-5423

Sun Sun Ray Server Software (3.x/4.0) and Sun Ray Windows Connector (1.1/2.0) expose the LDAP password during a configuration step, enabling local users to discover the Sun Ray administrator password and obtain admin access to the Data Store and Administration GUI via the utconfig (Server Softwar...

4.3CVSS6.2AI score0.00316EPSS
CVE
CVE
added 2004/07/21 4:0 a.m.58 views

CVE-2004-0701

The affected product is Sun Ray Server Software (SRSS) 1.3 and 2.0 running on Solaris 2.6, 7, or 8. The issue is that SRSS does not reliably detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which can leave a user session logged in and allow local users t...

4.6CVSS6.9AI score0.00348EPSS
CVE
CVE
added 2008/05/08 12:0 a.m.56 views

CVE-2008-2112

CVE-2008-2112 affects Sun Ray Kiosk Mode 4.0. The vulnerability allows local and remote authenticated Sun Ray administrators to gain root privileges through unknown/utconfig-related vectors. The exact root cause and exploited components are not fully detailed in the provided documents, but the im...

8.5CVSS6.3AI score0.0254EPSS
CVE
CVE
added 2009/12/11 4:0 p.m.56 views

CVE-2009-4294

CVE-2009-4294 affects Sun Ray Server Software 4.0 and 4.1, via the Authentication Manager (utauthd). The linked sources describe an unspecified vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service through unknown vectors. The NVD entry rates this as hi...

10CVSS7.8AI score0.05718EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.55 views

CVE-2002-2036

Sun Ray Server Software (SRSS) 1.3 with Non-Smartcard Mobility (NSCM) enabled is affected. The issue allows remote attackers to log in as another user by running dtlogin on a system with XDMCP client support, indicating a network-exposed authentication bypass via XDMCP/X11 components. The core de...

7.5CVSS7AI score0.01532EPSS
CVE
CVE
added 2009/07/16 4:0 p.m.53 views

CVE-2009-2489

Technical details for CVE-2009-2489 are not publicly provided in the connected documents. The references describe an unspecified local-access vulnerability in Sun Ray Server Software 4.0 but do not specify affected versions, exploitation vectors, or fixes. Monitor for updates.

2.1CVSS6.5AI score0.00352EPSS
CVE
CVE
added 2009/12/14 5:0 p.m.52 views

CVE-2009-4314

CVE-2009-4314 affects Sun Ray Server Software 4.1 on Solaris 10. When Automatic Multi-Group Hotdesking (AMGH) is enabled, a logout action results in the user being immediately logged back in, enabling physical access by someone at an unattended DTU device to gain a session. Root cause is the logo...

4.4CVSS6.4AI score0.00333EPSS
CVE
CVE
added 2006/08/09 11:0 p.m.50 views

CVE-2006-4049

CVE-2006-4049 concerns an unspecified local vulnerability in the utxconfig utility of Sun Ray Server Software 3.x that allows local users to create or overwrite arbitrary files via unknown attack vectors. The linked Nessus plugins reference Sun patch 114880-12 as a remediation for Sun Ray Server ...

2.1CVSS6.3AI score0.00388EPSS
CVE
CVE
added 2009/07/16 4:0 p.m.50 views

CVE-2009-2490

CVE-2009-2490 affects Sun Ray Server Software (SRSS) 4.0, specifically the utaudiod daemon when Solaris Trusted Extensions is enabled. The issue allows local users to cause a denial of service (audio outage) and potentially gain privileges due to resource leaks. The provided description does not ...

1.9CVSS6.9AI score0.00326EPSS
CVE
CVE
added 2009/12/11 4:0 p.m.50 views

CVE-2009-4295

Sun Ray Server Software 4.0/4.1 on Sun Ray 1, 1g, 100, and 150 DTU devices does not generate a unique DSA private key for firmware, which can allow remote attackers to predict a key and decrypt sniffed network traffic. The CVE entry documents this vulnerability and its impact as described by mult...

7.8CVSS6.3AI score0.01426EPSS
CVE
CVE
added 2007/12/20 8:0 p.m.49 views

CVE-2007-6482

Technical details about CVE-2007-6482 are not publicly provided in the supplied documents. Monitor for updates from official advisories; current sources only reiterate an unspecified remote denial-of-service against Sun Ray Server's utdevmgrd.

7.8CVSS6.7AI score0.02971EPSS
CVE
CVE
added 2009/07/16 4:0 p.m.48 views

CVE-2009-2491

The CVE-2009-2491 entry describes a vulnerability in the utaudiod daemon of Sun Ray Server Software (SRSS) 4.0 where, with Solaris Trusted Extensions enabled, local users could access other users’ sessions via unknown vectors related to resource leaks. The available sources (NVD/NVD mirror) confi...

4.4CVSS6.5AI score0.00284EPSS
CVE
CVE
added 2007/12/20 8:0 p.m.46 views

CVE-2007-6481

Technical details are not publicly available in the provided documents; no affected products/versions or vectors are specified. Monitor for updates.

6.4CVSS6.8AI score0.02605EPSS