Lucene search

K

19 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-1225

rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

5CVSS6.9AI score0.00455EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.52 views

CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

7.2CVSS6.8AI score0.00344EPSS
CVE
CVE
added 2003/09/22 4:0 a.m.52 views

CVE-2003-0722

The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.

10CVSS6.6AI score0.89395EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.50 views

CVE-1999-0334

In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.

7.2CVSS6.9AI score0.0006EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.50 views

CVE-2004-1355

Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.

2.1CVSS6.5AI score0.00071EPSS
CVE
CVE
added 2007/07/12 4:30 p.m.50 views

CVE-2007-3723

The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secr...

2.1CVSS6.1AI score0.00053EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.47 views

CVE-1999-0057

Vacation program allows command execution by remote users through a sendmail command.

7.5CVSS7.1AI score0.02856EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.47 views

CVE-1999-0321

Buffer overflow in Solaris kcms_configure command allows local users to gain root access.

7.2CVSS7.7AI score0.0018EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.47 views

CVE-1999-0568

rpc.admind in Solaris is not running in a secure mode.

10CVSS7AI score0.00483EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.45 views

CVE-1999-0795

The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.

7.5CVSS8AI score0.00757EPSS
CVE
CVE
added 2005/11/23 2:3 a.m.44 views

CVE-2005-3781

Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries."

5CVSS6.4AI score0.00705EPSS
CVE
CVE
added 2005/02/11 5:0 a.m.43 views

CVE-2004-1180

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

5CVSS6.3AI score0.00763EPSS
CVE
CVE
added 2008/06/16 8:41 p.m.42 views

CVE-2008-2710

Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large v...

7.2CVSS7.2AI score0.00081EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.41 views

CVE-1999-0369

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

7.2CVSS8.2AI score0.0041EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.40 views

CVE-1999-0303

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

4.6CVSS7.7AI score0.00055EPSS
CVE
CVE
added 2000/02/08 5:0 a.m.40 views

CVE-2000-0118

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

7.2CVSS6.9AI score0.00148EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.40 views

CVE-2001-1066

ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6.4AI score0.00087EPSS
CVE
CVE
added 2010/03/29 10:30 p.m.38 views

CVE-2010-1183

Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.

3.3CVSS6.2AI score0.00069EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.33 views

CVE-1999-1137

The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

2.1CVSS7AI score0.00077EPSS