Solaris@2.4 Security Vulnerabilities and Issues — Solaris@2.4 CVE List

Lucene search

SunSolaris2.4

48 matches found

CVE•added 1999/09/29 4:0 a.m.•370 views

CVE-1999-0024

DNS cache poisoning via BIND, by predictable query IDs.

5CVSS6.7AI score0.01325EPSS

CVE•added 1999/09/29 4:0 a.m.•162 views

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as root.

8.4CVSS7.9AI score0.00114EPSS

CVE•added 2002/06/25 4:0 a.m.•153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS

CVE•added 1999/09/29 4:0 a.m.•147 views

CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

5CVSS7.3AI score0.25583EPSS

CVE•added 1999/09/29 4:0 a.m.•102 views

CVE-1999-0097

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

10CVSS7.2AI score0.01076EPSS

CVE•added 2003/04/02 5:0 a.m.•93 views

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers...

10CVSS7.6AI score0.71952EPSS

CVE•added 2000/02/04 5:0 a.m.•88 views

CVE-1999-0165

NFS cache poisoning.

10CVSS7.4AI score0.00946EPSS

CVE•added 1999/09/29 4:0 a.m.•73 views

CVE-1999-0018

Buffer overflow in statd allows root privileges.

10CVSS7.7AI score0.10302EPSS

CVE•added 2000/03/22 5:0 a.m.•73 views

CVE-1999-0189

Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.

7.5CVSS6.7AI score0.00489EPSS

CVE•added 1999/09/29 4:0 a.m.•62 views

CVE-1999-0054

Sun's ftpd daemon can be subjected to a denial of service.

5CVSS7.3AI score0.00562EPSS

CVE•added 2000/06/02 4:0 a.m.•60 views

CVE-1999-0210

Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

10CVSS7.1AI score0.08326EPSS

CVE•added 1999/09/29 4:0 a.m.•57 views

CVE-1999-0125

Buffer overflow in SGI IRIX mailx program.

4.6CVSS7.7AI score0.00634EPSS

CVE•added 1999/09/29 4:0 a.m.•56 views

CVE-1999-0055

Buffer overflows in Sun libnsl allow root access.

7.2CVSS7.5AI score0.0008EPSS

CVE•added 1999/09/29 4:0 a.m.•56 views

CVE-1999-0295

Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.

7.2CVSS7AI score0.0006EPSS

CVE•added 2000/06/02 4:0 a.m.•56 views

CVE-1999-0493

rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.

7.5CVSS6.7AI score0.06771EPSS

CVE•added 2000/01/04 5:0 a.m.•54 views

CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

7.5CVSS7.3AI score0.07295EPSS

CVE•added 1999/09/29 4:0 a.m.•52 views

CVE-1999-0301

Buffer overflow in SunOS/Solaris ps command.

7.2CVSS7.1AI score0.0041EPSS

CVE•added 2000/10/13 4:0 a.m.•52 views

CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

7.2CVSS6.8AI score0.00344EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0065

Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.

7.5CVSS7.9AI score0.01279EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0188

The passwd command in Solaris can be subjected to a denial of service.

7.2CVSS7.3AI score0.00067EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0315

Buffer overflow in Solaris fdformat command gives root access to local users.

7.2CVSS7AI score0.00145EPSS

CVE•added 2000/02/04 5:0 a.m.•51 views

CVE-1999-0370

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

4.6CVSS7.3AI score0.00082EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

4.6CVSS6.6AI score0.00122EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0320

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

9.3CVSS6.8AI score0.00483EPSS

CVE•added 1999/09/29 4:0 a.m.•49 views

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

7.2CVSS7.9AI score0.003EPSS

CVE•added 2000/01/04 5:0 a.m.•48 views

CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

7.2CVSS6.7AI score0.00123EPSS

CVE•added 1999/09/29 4:0 a.m.•47 views

CVE-1999-0099

Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.

10CVSS7.9AI score0.01375EPSS

CVE•added 1999/09/29 4:0 a.m.•46 views

CVE-1999-0190

Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.

7.2CVSS7.7AI score0.00067EPSS

CVE•added 1999/09/29 4:0 a.m.•45 views

CVE-1999-0132

Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.

2.1CVSS7.4AI score0.00358EPSS

CVE•added 2000/01/04 5:0 a.m.•45 views

CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

7.2CVSS7.2AI score0.00367EPSS

CVE•added 1999/09/29 4:0 a.m.•44 views

CVE-1999-0051

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

7.2CVSS7.4AI score0.00246EPSS

CVE•added 2006/04/21 10:0 a.m.•43 views

CVE-1999-1588

Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.

10CVSS8.3AI score0.06849EPSS

CVE•added 2000/03/22 5:0 a.m.•42 views

CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

4.6CVSS6.8AI score0.00154EPSS

CVE•added 2001/05/07 4:0 a.m.•42 views

CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

7.2CVSS7.8AI score0.0023EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0185

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

7.5CVSS7.7AI score0.02697EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0300

nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.

7.5CVSS7.4AI score0.00489EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0369

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

7.2CVSS8.2AI score0.0041EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0973

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

10CVSS7.6AI score0.03141EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0974

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

10CVSS7.7AI score0.0244EPSS

CVE•added 2002/03/09 5:0 a.m.•41 views

CVE-1999-1191

Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

7.2CVSS7.7AI score0.00196EPSS

CVE•added 1999/09/29 4:0 a.m.•40 views

CVE-1999-0303

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

4.6CVSS7.7AI score0.00055EPSS

CVE•added 2002/03/09 5:0 a.m.•40 views

CVE-1999-1423

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

2.1CVSS7AI score0.00331EPSS

CVE•added 2000/02/08 5:0 a.m.•40 views

CVE-2000-0118

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

7.2CVSS6.9AI score0.00148EPSS

CVE•added 2000/02/04 5:0 a.m.•38 views

CVE-2000-0055

Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

7.2CVSS7.3AI score0.00063EPSS

CVE•added 2002/03/09 5:0 a.m.•36 views

CVE-1999-1419

Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.

7.2CVSS7.7AI score0.00053EPSS

CVE•added 2002/03/09 5:0 a.m.•32 views

CVE-1999-1432

Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restori...

7.5CVSS7.1AI score0.03047EPSS

CVE•added 2001/09/12 4:0 a.m.•30 views

CVE-1999-1413

Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.

4.6CVSS7AI score0.00155EPSS

CVE•added 2001/09/12 4:0 a.m.•29 views

CVE-1999-1026

aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.

7.2CVSS7.4AI score0.00123EPSS