Solaris Security Vulnerabilities and Issues — Solaris CVE List

Lucene search

SunSolaris

43 matches found

CVE•added 2008/11/18 4:0 p.m.•63 views

CVE-2008-5133

ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-...

5.8CVSS6.6AI score0.87602EPSS

CVE•added 2008/12/19 5:30 p.m.•50 views

CVE-2008-5684

Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the G...

5CVSS6AI score0.01042EPSS

CVE•added 2008/11/10 3:23 p.m.•48 views

CVE-2008-5010

in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805.

10CVSS6.5AI score0.10097EPSS

CVE•added 2008/08/08 6:41 p.m.•47 views

CVE-2008-0964

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

9.3CVSS7.3AI score0.24948EPSS

CVE•added 2008/10/14 10:36 p.m.•47 views

CVE-2008-4556

Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.

10CVSS7.7AI score0.7931EPSS

CVE•added 2008/12/17 8:30 p.m.•46 views

CVE-2008-5661

The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference.

5.4CVSS6.6AI score0.00817EPSS

CVE•added 2008/12/19 5:30 p.m.•46 views

CVE-2008-5689

tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.

7.2CVSS7.3AI score0.0023EPSS

CVE•added 2008/12/12 6:30 p.m.•45 views

CVE-2008-5550

Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.

4.3CVSS6.5AI score0.00638EPSS

CVE•added 2008/03/17 5:44 p.m.•43 views

CVE-2008-1356

Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash.

6.3CVSS6.2AI score0.00041EPSS

CVE•added 2008/05/06 3:20 p.m.•42 views

CVE-2008-2090

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.

7.8CVSS6.5AI score0.01482EPSS

CVE•added 2008/06/16 8:41 p.m.•42 views

CVE-2008-2710

Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large v...

7.2CVSS7.2AI score0.00081EPSS

CVE•added 2008/06/30 10:41 p.m.•42 views

CVE-2008-2946

The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.

7.8CVSS6.3AI score0.00817EPSS

CVE•added 2008/08/08 6:41 p.m.•41 views

CVE-2008-0965

Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.

9.3CVSS7.4AI score0.20404EPSS

CVE•added 2008/03/24 10:44 p.m.•41 views

CVE-2008-1480

rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.

4.3CVSS6.3AI score0.12098EPSS

CVE•added 2008/05/23 3:32 p.m.•41 views

CVE-2008-2418

Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.

4.7CVSS6.1AI score0.0005EPSS

CVE•added 2008/08/27 8:41 p.m.•41 views

CVE-2008-3839

Unspecified vulnerability in the NFS module in the kernel in Sun Solaris 10 and OpenSolaris snv_59 through snv_87, when configured as an NFS server without the nodevices option, allows local users to cause a denial of service (panic) via unspecified vectors.

4.7CVSS6.1AI score0.00061EPSS

CVE•added 2008/01/12 2:46 a.m.•40 views

CVE-2008-0242

Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.

7.2CVSS6.5AI score0.00048EPSS

CVE•added 2008/05/06 3:20 p.m.•40 views

CVE-2008-2089

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.

7.8CVSS6.5AI score0.01482EPSS

CVE•added 2008/07/31 10:41 p.m.•40 views

CVE-2008-3426

Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpic...

2.1CVSS6AI score0.00069EPSS

CVE•added 2008/12/19 5:30 p.m.•39 views

CVE-2008-5690

The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the stor...

2.1CVSS8.5AI score0.00043EPSS

CVE•added 2008/12/22 3:30 p.m.•39 views

CVE-2008-5699

The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors.

4.6CVSS6.2AI score0.00045EPSS

CVE•added 2008/03/08 12:44 a.m.•38 views

CVE-2008-1205

Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors.

4.9CVSS6.2AI score0.00045EPSS

CVE•added 2008/09/19 5:15 p.m.•38 views

CVE-2008-4131

Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs.

7.2CVSS6.5AI score0.00227EPSS

CVE•added 2008/11/17 11:30 p.m.•38 views

CVE-2008-5111

Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function.

4.7CVSS6.3AI score0.00061EPSS

CVE•added 2008/02/12 9:0 p.m.•37 views

CVE-2008-0730

The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read from, the home direct...

4.6CVSS6.3AI score0.00077EPSS

CVE•added 2008/08/07 9:41 p.m.•37 views

CVE-2008-3549

Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors.

4.7CVSS6.1AI score0.00061EPSS

CVE•added 2008/02/12 2:0 a.m.•36 views

CVE-2008-0718

Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors.

4.7CVSS6.1AI score0.00045EPSS

CVE•added 2008/02/25 6:44 p.m.•36 views

CVE-2008-0933

Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore.

4.7CVSS6.2AI score0.00048EPSS

CVE•added 2008/02/29 11:44 a.m.•36 views

CVE-2008-1095

Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.

6.8CVSS6.8AI score0.00723EPSS

CVE•added 2008/04/14 4:5 p.m.•35 views

CVE-2008-1779

Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.

6.8CVSS6.3AI score0.01379EPSS

CVE•added 2008/06/03 3:32 p.m.•35 views

CVE-2008-2538

Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.

6.9CVSS6.2AI score0.00036EPSS

CVE•added 2008/08/27 8:41 p.m.•35 views

CVE-2008-3838

Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of...

7.2CVSS6.6AI score0.00063EPSS

CVE•added 2008/03/13 2:44 p.m.•34 views

CVE-2008-1317

Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues.

4.9CVSS6.2AI score0.00045EPSS

CVE•added 2008/06/16 6:41 p.m.•34 views

CVE-2008-2706

Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference.

4.9CVSS6.2AI score0.00061EPSS

CVE•added 2008/12/10 12:30 a.m.•34 views

CVE-2008-5410

The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference counts for operations with asymmetric keys, which allows context-dependent attackers to cause a denial of service (failed cryptographic operations) via unspecified vectors, related to the (1) RSA_sign...

7.8CVSS6.5AI score0.0115EPSS

CVE•added 2008/03/03 6:44 p.m.•33 views

CVE-2008-1115

Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands.

4.9CVSS6.3AI score0.00112EPSS

CVE•added 2008/04/14 4:5 p.m.•33 views

CVE-2008-1780

Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors.

4.6CVSS6.5AI score0.00073EPSS

CVE•added 2008/09/02 2:24 p.m.•33 views

CVE-2008-3875

The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.

7.2CVSS6AI score0.00064EPSS

CVE•added 2008/02/20 9:44 p.m.•32 views

CVE-2008-0836

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319.

4.9CVSS6.2AI score0.0061EPSS

CVE•added 2008/04/06 11:44 p.m.•32 views

CVE-2008-1684

inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.

4.7CVSS6.3AI score0.00022EPSS

CVE•added 2008/02/25 6:44 p.m.•29 views

CVE-2008-0938

Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126.

4.7CVSS5.7AI score0.00059EPSS

CVE•added 2008/08/13 5:41 p.m.•29 views

CVE-2008-3666

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server...

7.1CVSS6.1AI score0.00877EPSS

CVE•added 2008/09/22 6:52 p.m.•26 views

CVE-2008-4160

Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.

4.7CVSS5.9AI score0.00058EPSS