Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SunSolaris

9 matches found

CVE
CVEadded 2006/10/12 12:7 a.m.51 views

CVE-2006-4842

The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.

3.6CVSS7.3AI score0.09479EPSS
CVE
CVEadded 2006/08/29 11:4 p.m.46 views

CVE-2006-4439

pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871.

3.6CVSS6AI score0.00056EPSS
CVE
CVEadded 2007/10/09 10:17 p.m.46 views

CVE-2007-5319

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.

3.5CVSS6AI score0.0061EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.42 views

CVE-2005-0576

Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.

3.6CVSS6.8AI score0.00054EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.41 views

CVE-2003-1058

The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.

3.7CVSS6.8AI score0.00077EPSS
CVE
CVEadded 2006/05/05 10:0 p.m.39 views

CVE-2005-4796

Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.

3.6CVSS5.8AI score0.00073EPSS
CVE
CVEadded 2010/03/29 10:30 p.m.38 views

CVE-2010-1183

Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.

3.3CVSS6.2AI score0.00069EPSS
CVE
CVEadded 2006/10/10 4:6 a.m.37 views

CVE-2006-5213

Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).

3.6CVSS6.3AI score0.00078EPSS
CVE
CVEadded 2007/12/20 11:46 p.m.37 views

CVE-2007-6505

Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.

3.5CVSS6.5AI score0.0033EPSS