Solaris@9 Security Vulnerabilities and Issues — Solaris@9 CVE List

Lucene search

SunSolaris9

18 matches found

CVE•added 2009/01/15 5:30 p.m.•49 views

CVE-2009-0132

Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).

4.9CVSS6.3AI score0.00107EPSS

CVE•added 2009/04/09 3:8 p.m.•49 views

CVE-2009-1276

XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail not...

2.1CVSS5.8AI score0.00066EPSS

CVE•added 2009/09/08 6:30 p.m.•48 views

CVE-2009-3100

xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an A...

4CVSS6.4AI score0.00038EPSS

CVE•added 2009/01/28 6:30 p.m.•46 views

CVE-2009-0319

Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."

6.9CVSS6.6AI score0.00044EPSS

CVE•added 2009/08/21 11:2 a.m.•46 views

CVE-2009-2912

The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.

4.9CVSS6.2AI score0.00061EPSS

CVE•added 2009/03/12 3:20 p.m.•45 views

CVE-2009-0874

Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones rela...

4.9CVSS7.3AI score0.00037EPSS

CVE•added 2009/07/10 5:30 p.m.•45 views

CVE-2009-2430

Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors.

4.6CVSS6.4AI score0.00066EPSS

CVE•added 2009/03/12 3:20 p.m.•44 views

CVE-2009-0875

Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is t...

6.9CVSS6.9AI score0.00026EPSS

CVE•added 2009/01/26 3:30 p.m.•43 views

CVE-2009-0268

Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.

4.9CVSS6AI score0.00048EPSS

CVE•added 2009/04/01 10:30 a.m.•43 views

CVE-2009-1207

Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.

4.4CVSS6.1AI score0.00045EPSS

CVE•added 2009/08/27 5:30 p.m.•43 views

CVE-2009-2972

in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."

7.8CVSS6.7AI score0.01517EPSS

CVE•added 2009/01/26 3:30 p.m.•42 views

CVE-2009-0267

libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.

5CVSS6.5AI score0.03788EPSS

CVE•added 2009/06/05 4:0 p.m.•41 views

CVE-2009-1933

Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.

4.7CVSS8.6AI score0.00063EPSS

CVE•added 2009/01/29 7:30 p.m.•40 views

CVE-2009-0346

The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.

4.9CVSS6.3AI score0.00051EPSS

CVE•added 2009/02/09 4:30 p.m.•40 views

CVE-2009-0480

The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets.

4.9CVSS6.3AI score0.00058EPSS

CVE•added 2009/09/14 4:30 p.m.•39 views

CVE-2009-3183

Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.

7.2CVSS6.6AI score0.00048EPSS

CVE•added 2009/05/18 6:30 p.m.•36 views

CVE-2009-1673

The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD.

4.9CVSS6.3AI score0.0006EPSS

CVE•added 2009/06/11 3:30 p.m.•35 views

CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.

5CVSS6.1AI score0.00742EPSS