Solaris@10.0 Security Vulnerabilities and Issues — Page 3 of Solaris@10.0 CVE List

Lucene search

SunSolaris10.0

118 matches found

CVE•added 2007/10/30 9:46 p.m.•35 views

CVE-2007-5726

Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing."

6.8CVSS6.5AI score0.01329EPSS

CVE•added 2009/06/11 3:30 p.m.•35 views

CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.

5CVSS6.1AI score0.00742EPSS

CVE•added 2009/06/19 7:30 p.m.•35 views

CVE-2009-2136

Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jum...

7.8CVSS6.7AI score0.00918EPSS

CVE•added 2009/08/03 2:30 p.m.•35 views

CVE-2009-2652

Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets.

6.8CVSS6.7AI score0.01097EPSS

CVE•added 2007/09/06 7:17 p.m.•34 views

CVE-2007-4732

Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

4.9CVSS6.2AI score0.00058EPSS

CVE•added 2008/12/10 12:30 a.m.•34 views

CVE-2008-5410

The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference counts for operations with asymmetric keys, which allows context-dependent attackers to cause a denial of service (failed cryptographic operations) via unspecified vectors, related to the (1) RSA_sign...

7.8CVSS6.5AI score0.0115EPSS

CVE•added 2009/09/10 10:30 p.m.•34 views

CVE-2009-3164

Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo...

7.1CVSS6.8AI score0.00918EPSS

CVE•added 2006/02/01 8:0 p.m.•33 views

CVE-2005-4701

Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx.

2.1CVSS5.9AI score0.00072EPSS

CVE•added 2006/07/21 2:3 p.m.•33 views

CVE-2006-3728

Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and without patch 118833-11 (118855-08) allows remote authenticated users to cause a denial of service via unspecified vectors that lead to "kernel data structure corruption" that can trigger a system pani...

6.8CVSS6.5AI score0.01339EPSS

CVE•added 2007/02/02 9:28 p.m.•33 views

CVE-2007-0668

The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service.

6.2CVSS6.3AI score0.00049EPSS

CVE•added 2006/08/14 11:4 p.m.•32 views

CVE-2006-4139

Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries.

5.4CVSS6.9AI score0.00763EPSS

CVE•added 2006/11/06 5:7 p.m.•32 views

CVE-2006-5726

alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures.

4.9CVSS6.5AI score0.00264EPSS

CVE•added 2006/12/13 1:28 a.m.•32 views

CVE-2006-6494

Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers.

6.6CVSS7.5AI score0.00036EPSS

CVE•added 2007/10/30 9:46 p.m.•32 views

CVE-2007-5716

Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet.

7.8CVSS6.3AI score0.01203EPSS

CVE•added 2009/11/02 3:30 p.m.•32 views

CVE-2009-3839

Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.

6.8CVSS7.7AI score0.01456EPSS

CVE•added 2009/11/03 4:30 p.m.•32 views

CVE-2009-3851

Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "res...

7.2CVSS6.4AI score0.00054EPSS

CVE•added 2006/07/24 12:19 p.m.•29 views

CVE-2006-3781

Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of service (panic) via unspecified vectors involving the event port API.

7.8CVSS6.8AI score0.00994EPSS

CVE•added 2005/12/09 3:3 p.m.•28 views

CVE-2005-4133

Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files.

2.1CVSS7AI score0.0008EPSS

Total number of security vulnerabilities118