Solaris@2.5 Security Vulnerabilities and Issues — Solaris@2.5 CVE List

Lucene search

SunSolaris2.5

56 matches found

CVE•added 1999/09/29 4:0 a.m.•370 views

CVE-1999-0024

DNS cache poisoning via BIND, by predictable query IDs.

5CVSS6.7AI score0.01325EPSS

CVE•added 1999/09/29 4:0 a.m.•162 views

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as root.

8.4CVSS7.9AI score0.00114EPSS

CVE•added 2002/06/25 4:0 a.m.•153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS

CVE•added 1999/09/29 4:0 a.m.•147 views

CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

5CVSS7.3AI score0.25583EPSS

CVE•added 1999/09/29 4:0 a.m.•102 views

CVE-1999-0097

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

10CVSS7.2AI score0.01076EPSS

CVE•added 2003/04/02 5:0 a.m.•93 views

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers...

10CVSS7.6AI score0.71952EPSS

CVE•added 1999/09/29 4:0 a.m.•76 views

CVE-1999-0009

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

10CVSS7.3AI score0.8048EPSS

CVE•added 1999/09/29 4:0 a.m.•73 views

CVE-1999-0018

Buffer overflow in statd allows root privileges.

10CVSS7.7AI score0.10302EPSS

CVE•added 2000/03/22 5:0 a.m.•73 views

CVE-1999-0189

Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.

7.5CVSS6.7AI score0.00489EPSS

CVE•added 2000/01/04 5:0 a.m.•63 views

CVE-1999-0977

Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.

10CVSS7.2AI score0.05886EPSS

CVE•added 1999/09/29 4:0 a.m.•62 views

CVE-1999-0054

Sun's ftpd daemon can be subjected to a denial of service.

5CVSS7.3AI score0.00562EPSS

CVE•added 2005/06/21 4:0 a.m.•62 views

CVE-2001-1503

The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.

2.1CVSS6.5AI score0.00215EPSS

CVE•added 2000/06/02 4:0 a.m.•60 views

CVE-1999-0210

Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

10CVSS7.1AI score0.08326EPSS

CVE•added 1999/09/29 4:0 a.m.•57 views

CVE-1999-0125

Buffer overflow in SGI IRIX mailx program.

4.6CVSS7.7AI score0.00634EPSS

CVE•added 1999/09/29 4:0 a.m.•56 views

CVE-1999-0055

Buffer overflows in Sun libnsl allow root access.

7.2CVSS7.5AI score0.0008EPSS

CVE•added 1999/09/29 4:0 a.m.•56 views

CVE-1999-0295

Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.

7.2CVSS7AI score0.0006EPSS

CVE•added 2000/06/02 4:0 a.m.•56 views

CVE-1999-0493

rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.

7.5CVSS6.7AI score0.06771EPSS

CVE•added 2000/06/02 4:0 a.m.•55 views

CVE-1999-0696

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

10CVSS6.9AI score0.05576EPSS

CVE•added 2000/02/04 5:0 a.m.•54 views

CVE-1999-0241

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.

10CVSS7.9AI score0.05132EPSS

CVE•added 2000/01/04 5:0 a.m.•54 views

CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

7.5CVSS7.3AI score0.07295EPSS

CVE•added 1999/09/29 4:0 a.m.•52 views

CVE-1999-0301

Buffer overflow in SunOS/Solaris ps command.

7.2CVSS7.1AI score0.0041EPSS

CVE•added 2000/10/13 4:0 a.m.•52 views

CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

7.2CVSS6.8AI score0.00344EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0065

Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.

7.5CVSS7.9AI score0.01279EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0188

The passwd command in Solaris can be subjected to a denial of service.

7.2CVSS7.3AI score0.00067EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0315

Buffer overflow in Solaris fdformat command gives root access to local users.

7.2CVSS7AI score0.00145EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

4.6CVSS6.6AI score0.00122EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0320

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

9.3CVSS6.8AI score0.00483EPSS

CVE•added 1999/09/29 4:0 a.m.•49 views

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

7.2CVSS7.9AI score0.003EPSS

CVE•added 1999/09/29 4:0 a.m.•48 views

CVE-1999-0442

Solaris ff.core allows local users to modify files.

2.1CVSS6.7AI score0.00154EPSS

CVE•added 2000/01/04 5:0 a.m.•48 views

CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

7.2CVSS6.7AI score0.00123EPSS

CVE•added 1999/09/29 4:0 a.m.•47 views

CVE-1999-0109

Buffer overflow in ffbconfig in Solaris 2.5.1.

7.2CVSS7.7AI score0.00362EPSS

CVE•added 1999/09/29 4:0 a.m.•46 views

CVE-1999-0135

admintool in Solaris allows a local user to write to arbitrary files and gain root access.

7.2CVSS7.5AI score0.0006EPSS

CVE•added 1999/09/29 4:0 a.m.•46 views

CVE-1999-0190

Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.

7.2CVSS7.7AI score0.00067EPSS

CVE•added 1999/09/29 4:0 a.m.•44 views

CVE-1999-0051

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

7.2CVSS7.4AI score0.00246EPSS

CVE•added 2006/04/21 10:0 a.m.•43 views

CVE-1999-1588

Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.

10CVSS8.3AI score0.06849EPSS

CVE•added 2000/03/22 5:0 a.m.•42 views

CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

4.6CVSS6.8AI score0.00154EPSS

CVE•added 2001/05/07 4:0 a.m.•42 views

CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

7.2CVSS7.8AI score0.0023EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0139

Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.

7.2CVSS7.3AI score0.00063EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0185

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

7.5CVSS7.7AI score0.02697EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0300

nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.

7.5CVSS7.4AI score0.00489EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0369

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

7.2CVSS8.2AI score0.0041EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

7.2CVSS7.6AI score0.00126EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0973

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

10CVSS7.6AI score0.03141EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0974

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

10CVSS7.7AI score0.0244EPSS

CVE•added 2002/03/09 5:0 a.m.•41 views

CVE-1999-1191

Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

7.2CVSS7.7AI score0.00196EPSS

CVE•added 2002/02/02 5:0 a.m.•41 views

CVE-2001-1076

Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.

7.2CVSS7.8AI score0.00209EPSS

CVE•added 1999/09/29 4:0 a.m.•40 views

CVE-1999-0303

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

4.6CVSS7.7AI score0.00055EPSS

CVE•added 1999/09/29 4:0 a.m.•40 views

CVE-1999-0339

Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

7.2CVSS7.7AI score0.00063EPSS

CVE•added 2002/03/09 5:0 a.m.•40 views

CVE-1999-1423

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

2.1CVSS7AI score0.00331EPSS

CVE•added 2006/05/05 10:0 p.m.•39 views

CVE-2005-4796

Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.

3.6CVSS5.8AI score0.00073EPSS

Total number of security vulnerabilities56