Lucene search

K

139 matches found

CVE
CVE
added 2007/07/30 5:30 p.m.46 views

CVE-2007-4070

Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.

4.9CVSS5.9AI score0.00066EPSS
CVE
CVE
added 2007/10/09 10:17 p.m.46 views

CVE-2007-5319

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.

3.5CVSS6AI score0.0061EPSS
CVE
CVE
added 2002/10/28 5:0 a.m.45 views

CVE-2002-1228

Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.

5CVSS6.2AI score0.00703EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.45 views

CVE-2003-0092

Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

7.2CVSS7.1AI score0.0005EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.45 views

CVE-2003-1069

The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

5CVSS7.1AI score0.00763EPSS
CVE
CVE
added 2005/05/16 4:0 a.m.45 views

CVE-2005-1591

Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.

5CVSS7AI score0.00655EPSS
CVE
CVE
added 2006/03/09 1:6 p.m.45 views

CVE-2006-1092

Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that ...

2.1CVSS6.2AI score0.00067EPSS
CVE
CVE
added 2006/08/23 7:4 p.m.45 views

CVE-2006-4306

Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.

7.2CVSS7AI score0.00056EPSS
CVE
CVE
added 2006/03/29 1:0 a.m.44 views

CVE-1999-1587

/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.

2.1CVSS6AI score0.00132EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.44 views

CVE-2002-1199

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

5CVSS6.5AI score0.02144EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.44 views

CVE-2003-1060

The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

5CVSS7.1AI score0.00739EPSS
CVE
CVE
added 2005/09/28 11:3 p.m.44 views

CVE-2005-3099

Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.

4.6CVSS6.8AI score0.00078EPSS
CVE
CVE
added 2007/01/24 1:28 a.m.44 views

CVE-2007-0470

Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

7.2CVSS6.5AI score0.00054EPSS
CVE
CVE
added 2007/11/30 12:46 a.m.44 views

CVE-2007-6180

Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors.

7.6CVSS6AI score0.00216EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.43 views

CVE-2002-1585

Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic.

5CVSS7AI score0.00739EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.43 views

CVE-2003-0058

MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

5CVSS8.7AI score0.19337EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.43 views

CVE-2003-1055

Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup.

7.2CVSS7.3AI score0.00249EPSS
CVE
CVE
added 2005/02/15 5:0 a.m.43 views

CVE-2005-0447

Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.

5CVSS7AI score0.00911EPSS
CVE
CVE
added 2006/09/27 1:7 a.m.43 views

CVE-2006-5012

Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.

6.6CVSS6.2AI score0.00053EPSS
CVE
CVE
added 2009/05/26 9:30 p.m.43 views

CVE-2008-3869

Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.

10CVSS7.9AI score0.3328EPSS
CVE
CVE
added 2004/01/05 5:0 a.m.42 views

CVE-2003-0999

Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.

7.2CVSS8AI score0.00058EPSS
CVE
CVE
added 2004/08/25 4:0 a.m.42 views

CVE-2004-0800

Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.

4.6CVSS6.6AI score0.00096EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.42 views

CVE-2004-1359

Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.

4.6CVSS7.5AI score0.00094EPSS
CVE
CVE
added 2005/03/10 5:0 a.m.42 views

CVE-2004-1767

The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.

7.2CVSS6.5AI score0.00066EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.42 views

CVE-2005-0576

Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.

3.6CVSS6.8AI score0.00054EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.42 views

CVE-2005-1518

Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.

2.1CVSS6.6AI score0.00058EPSS
CVE
CVE
added 2006/01/17 8:7 p.m.42 views

CVE-2006-0227

Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.

2.6CVSS6.7AI score0.0007EPSS
CVE
CVE
added 2007/06/19 10:30 p.m.42 views

CVE-2007-3283

GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.

6.8CVSS6.2AI score0.00048EPSS
CVE
CVE
added 2009/05/26 9:30 p.m.42 views

CVE-2008-3870

Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.

10CVSS7.8AI score0.3062EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.41 views

CVE-2003-1057

Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.

7.2CVSS7.5AI score0.00059EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.41 views

CVE-2003-1058

The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.

3.7CVSS6.8AI score0.00077EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.41 views

CVE-2003-1066

Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.

5CVSS8AI score0.02283EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.41 views

CVE-2003-1082

Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068.

7.2CVSS6.8AI score0.00144EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.41 views

CVE-2004-1346

The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.

2.1CVSS6.1AI score0.00087EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.41 views

CVE-2004-1351

Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.

10CVSS7.5AI score0.14682EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.41 views

CVE-2005-2032

Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.

2.1CVSS6.3AI score0.00058EPSS
CVE
CVE
added 2005/11/18 9:3 p.m.41 views

CVE-2005-3674

The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details ...

7.8CVSS6.5AI score0.08207EPSS
CVE
CVE
added 2006/09/09 12:4 a.m.41 views

CVE-2006-4655

Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.

4.6CVSS6.8AI score0.00498EPSS
CVE
CVE
added 2007/10/15 10:17 p.m.41 views

CVE-2007-5462

Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automount...

7.8CVSS6.1AI score0.02227EPSS
CVE
CVE
added 2007/10/23 5:46 p.m.41 views

CVE-2007-5632

Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions.

4.9CVSS6.6AI score0.0006EPSS
CVE
CVE
added 2009/07/29 5:30 p.m.41 views

CVE-2009-2644

Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."

4.9CVSS6.2AI score0.00048EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.40 views

CVE-2003-1070

Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).

5CVSS7AI score0.009EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.40 views

CVE-2005-1124

Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.

4.6CVSS6.9AI score0.00066EPSS
CVE
CVE
added 2006/08/24 1:4 a.m.40 views

CVE-2006-4319

Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.

7.2CVSS7.2AI score0.0007EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.40 views

CVE-2006-5214

Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession ...

1.2CVSS5.8AI score0.0006EPSS
CVE
CVE
added 2007/01/10 12:28 a.m.40 views

CVE-2007-0165

Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.

7.8CVSS6.3AI score0.09892EPSS
CVE
CVE
added 2007/05/30 1:30 a.m.40 views

CVE-2007-2882

Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.

5CVSS6.4AI score0.02604EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.39 views

CVE-2002-1296

Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.

7.2CVSS7.1AI score0.00027EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.39 views

CVE-2002-1586

Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.

2.1CVSS6.6AI score0.00067EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.39 views

CVE-2004-2306

Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.

4.6CVSS7AI score0.00077EPSS
Total number of security vulnerabilities139