Lucene search

K

139 matches found

CVE
CVE
added 2005/05/02 4:0 a.m.39 views

CVE-2005-0248

The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.

7.5CVSS7.1AI score0.00567EPSS
CVE
CVE
added 2005/09/27 7:3 p.m.39 views

CVE-2005-3071

Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.

2.1CVSS6.2AI score0.00063EPSS
CVE
CVE
added 2006/05/05 10:0 p.m.39 views

CVE-2005-4796

Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.

3.6CVSS5.8AI score0.00073EPSS
CVE
CVE
added 2006/07/28 10:4 p.m.39 views

CVE-2006-3920

The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.

5CVSS6.6AI score0.01954EPSS
CVE
CVE
added 2006/08/23 7:4 p.m.39 views

CVE-2006-4307

Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319.

7.2CVSS6.2AI score0.0007EPSS
CVE
CVE
added 2007/09/27 5:17 p.m.39 views

CVE-2007-5118

Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.

4.7CVSS6AI score0.0006EPSS
CVE
CVE
added 2005/08/05 4:0 a.m.38 views

CVE-2002-2089

Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.

4.6CVSS7.9AI score0.00096EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.38 views

CVE-2003-1059

Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.

7.2CVSS7.2AI score0.00047EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.38 views

CVE-2003-1079

Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.

5CVSS7AI score0.01108EPSS
CVE
CVE
added 2006/04/13 10:2 a.m.38 views

CVE-2006-1780

The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack vector that causes sh processes to crash during creation of temporary files.

2.1CVSS6.1AI score0.00067EPSS
CVE
CVE
added 2007/05/02 10:19 p.m.38 views

CVE-2007-2465

Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function.

4.7CVSS6.4AI score0.00061EPSS
CVE
CVE
added 2007/08/23 12:17 a.m.38 views

CVE-2007-4492

Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123.

4.9CVSS6.4AI score0.00045EPSS
CVE
CVE
added 2007/08/23 1:17 a.m.38 views

CVE-2007-4495

Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124.

4.9CVSS6.1AI score0.00051EPSS
CVE
CVE
added 2007/09/27 7:17 p.m.38 views

CVE-2007-5132

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."

4.9CVSS6AI score0.00047EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.37 views

CVE-2003-1077

Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang).

2.1CVSS6.6AI score0.0007EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.37 views

CVE-2004-1353

Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges.

7.2CVSS7.2AI score0.00058EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.37 views

CVE-2004-1358

The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.

5CVSS7AI score0.0054EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.37 views

CVE-2004-1394

The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.

4.6CVSS7.2AI score0.00077EPSS
CVE
CVE
added 2006/07/18 3:47 p.m.37 views

CVE-2006-3664

Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.

5CVSS6.2AI score0.01849EPSS
CVE
CVE
added 2006/12/04 11:28 a.m.37 views

CVE-2006-6275

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.

4.7CVSS6.7AI score0.00048EPSS
CVE
CVE
added 2007/02/23 3:28 a.m.37 views

CVE-2006-7028

Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it might be related to "j...

7.8CVSS7AI score0.0066EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.36 views

CVE-2003-1067

Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.

7.2CVSS6.7AI score0.00092EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.36 views

CVE-2003-1074

Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.

7.2CVSS7AI score0.00053EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.36 views

CVE-2003-1076

Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.

7.2CVSS6.6AI score0.00053EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.36 views

CVE-2005-0816

Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges.

7.2CVSS7.2AI score0.0005EPSS
CVE
CVE
added 2006/04/13 10:2 a.m.36 views

CVE-2006-1782

Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5)...

2.1CVSS6.5AI score0.00092EPSS
CVE
CVE
added 2006/12/13 1:28 a.m.36 views

CVE-2006-6495

Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cas...

6.6CVSS7.6AI score0.00055EPSS
CVE
CVE
added 2007/06/27 5:30 p.m.36 views

CVE-2007-3458

The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.

4.9CVSS6AI score0.00061EPSS
CVE
CVE
added 2004/08/06 4:0 a.m.35 views

CVE-2004-0654

Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).

2.1CVSS6.6AI score0.00128EPSS
CVE
CVE
added 2006/01/13 11:3 a.m.35 views

CVE-2006-0190

Unspecified vulnerability in Sun Solaris 9 and 10 for the x86 platform allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors, possibly involving functions from the mm driver.

7.2CVSS6.8AI score0.00051EPSS
CVE
CVE
added 2006/02/27 7:6 p.m.35 views

CVE-2006-0901

Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code.

7.2CVSS6.9AI score0.00094EPSS
CVE
CVE
added 2006/07/18 3:46 p.m.35 views

CVE-2006-3606

Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library.

5CVSS6.8AI score0.0074EPSS
CVE
CVE
added 2007/06/01 10:30 a.m.35 views

CVE-2007-2989

The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-22...

7.8CVSS6.4AI score0.03788EPSS
CVE
CVE
added 2009/06/11 3:30 p.m.35 views

CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.

5CVSS6.1AI score0.00742EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.34 views

CVE-2003-1075

Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.

5CVSS7AI score0.00911EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.34 views

CVE-2004-1356

Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.

2.1CVSS6.5AI score0.00063EPSS
CVE
CVE
added 2007/09/06 7:17 p.m.34 views

CVE-2007-4732

Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

4.9CVSS6.2AI score0.00058EPSS
CVE
CVE
added 2007/09/23 11:0 p.m.32 views

CVE-2004-2686

Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure.

7.2CVSS6.4AI score0.00211EPSS
CVE
CVE
added 2006/12/13 1:28 a.m.32 views

CVE-2006-6494

Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers.

6.6CVSS7.5AI score0.00036EPSS
Total number of security vulnerabilities139