Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
SunSolaris2.6

128 matches found

CVE
CVEadded 2005/02/08 5:0 a.m.40 views

CVE-2003-1070

Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).

5CVSS7AI score0.009EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.40 views

CVE-2004-1393

Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang).

5CVSS6.6AI score0.01589EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.39 views

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

7.2CVSS7.6AI score0.00115EPSS
CVE
CVEadded 2000/04/18 4:0 a.m.39 views

CVE-1999-0773

Buffer overflow in Solaris lpset program allows local users to gain root access.

7.2CVSS7.2AI score0.00145EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.39 views

CVE-1999-0860

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

2.1CVSS6.6AI score0.00175EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.39 views

CVE-2002-1296

Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.

7.2CVSS7.1AI score0.00027EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.39 views

CVE-2002-1586

Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.

2.1CVSS6.6AI score0.00067EPSS
CVE
CVEadded 2005/11/16 9:17 p.m.39 views

CVE-2002-2203

Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.

4.9CVSS6.6AI score0.0007EPSS
CVE
CVEadded 2006/05/05 10:0 p.m.39 views

CVE-2005-4796

Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.

3.6CVSS5.8AI score0.00073EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.38 views

CVE-1999-0296

Solaris volrmmount program allows attackers to read any file.

7.2CVSS7.2AI score0.00067EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.38 views

CVE-2000-0055

Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

7.2CVSS7.3AI score0.00063EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.38 views

CVE-2003-1059

Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.

7.2CVSS7.2AI score0.00047EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.38 views

CVE-2003-1079

Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.

5CVSS7AI score0.01108EPSS
CVE
CVEadded 2001/09/12 4:0 a.m.37 views

CVE-1999-1025

CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.

4.6CVSS7.1AI score0.00074EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.37 views

CVE-2001-0565

Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.

4.6CVSS6.9AI score0.00175EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.36 views

CVE-1999-0952

Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.

7.2CVSS7.2AI score0.00063EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.36 views

CVE-2003-1056

The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

7.2CVSS6.8AI score0.00047EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.36 views

CVE-2003-1067

Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.

7.2CVSS6.7AI score0.00092EPSS
CVE
CVEadded 2000/04/18 4:0 a.m.35 views

CVE-1999-0676

sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.

4.6CVSS6.6AI score0.00073EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.34 views

CVE-2000-0407

Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.

7.2CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2002/03/15 5:0 a.m.34 views

CVE-2002-0088

Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.

7.2CVSS6.8AI score0.00053EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.34 views

CVE-2003-1075

Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.

5CVSS7AI score0.00911EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.32 views

CVE-1999-1402

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

2.1CVSS7.3AI score0.00115EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.32 views

CVE-1999-1432

Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restori...

7.5CVSS7.1AI score0.03047EPSS
CVE
CVEadded 2002/08/12 4:0 a.m.32 views

CVE-2002-0796

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

10CVSS7.3AI score0.02571EPSS
CVE
CVEadded 2007/09/23 11:0 p.m.32 views

CVE-2004-2686

Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure.

7.2CVSS6.4AI score0.00211EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.31 views

CVE-1999-1118

ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.

2.1CVSS7AI score0.00063EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.28 views

CVE-1999-1027

Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program.

7.2CVSS7.3AI score0.00038EPSS
Total number of security vulnerabilities128