Solaris@8.0 Security Vulnerabilities and Issues — Solaris@8.0 CVE List

Lucene search

SunSolaris8.0

13 matches found

cve•added 2004/09/01 4:0 a.m.•84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS

cve•added 2004/09/01 4:0 a.m.•62 views

CVE-2002-0158

Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.

7.2CVSS6.9AI score0.00178EPSS

cve•added 2004/08/18 4:0 a.m.•62 views

CVE-2004-0523

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

10CVSS9.8AI score0.13596EPSS

cve•added 2004/09/01 4:0 a.m.•54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS

cve•added 2004/11/23 5:0 a.m.•54 views

CVE-2004-0360

Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.3AI score0.00265EPSS

cve•added 2004/09/01 4:0 a.m.•53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS

cve•added 2004/09/01 4:0 a.m.•52 views

CVE-2002-0090

Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.

7.2CVSS7.5AI score0.00137EPSS

cve•added 2004/09/01 4:0 a.m.•46 views

CVE-2003-0027

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

5CVSS6.7AI score0.65152EPSS

cve•added 2004/09/01 4:0 a.m.•43 views

CVE-2003-0058

MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

5CVSS8.7AI score0.19337EPSS

cve•added 2004/01/05 5:0 a.m.•42 views

CVE-2003-0999

Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.

7.2CVSS8AI score0.00058EPSS

cve•added 2004/08/25 4:0 a.m.•42 views

CVE-2004-0800

Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.

4.6CVSS6.6AI score0.00096EPSS

cve•added 2004/09/01 4:0 a.m.•39 views

CVE-2002-1296

Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.

7.2CVSS7.1AI score0.00027EPSS

cve•added 2004/08/06 4:0 a.m.•35 views

CVE-2004-0654

Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).

2.1CVSS6.6AI score0.00128EPSS