Lucene search
K
SunSunos

561 matches found

CVE
CVE
added 2002/03/09 5:0 a.m.6409 views

CVE-2001-0554

CVE-2001-0554 affects netkit-telnetd (Telnet daemon) on BSD-based systems, via a buffer overflow in in.telnetd/telrcv handling (triggered by certain Telnet options such as AYT). OpenVAS entries describe a remote attacker potentially causing denial of service or gaining remote code execution; at l...

10CVSS7.4AI score0.37896EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.814 views

CVE-1999-0517

CVE-1999-0517 identifies an SNMP flaw where the community string is default (public), null, or missing. This enables remote SNMP access to the device, with potential exposure of SNMP data and management actions. The vulnerability is reflected across various advisories and scanners (including F5 B...

7.5CVSS6.7AI score0.27166EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.476 views

CVE-1999-0502

CVE-1999-0502 describes Unix accounts with default, null, blank or missing passwords. The documented impact is partial confidentiality, integrity, and availability compromise (authentication is none, allowing network access). CVSS base score 7.5 (HIGH) with network attack vector and low complexit...

7.5CVSS6.4AI score0.51933EPSS
Web
CVE
CVE
added 2005/11/01 11:0 a.m.456 views

CVE-2005-3398

CVE-2005-3398 relates to the Solaris Management Console web server in Solaris 8/9/10 where the HTTP TRACE method is enabled by default. The effect is potential cross-site tracing information leakage (e.g., cookies or headers) through TRACE requests. Connected docs confirm the TRACE issue as a rec...

4.3CVSS6.2AI score0.13108EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.430 views

CVE-1999-0024

CVE-1999-0024 describes a DNS cache-poisoning flaw in BIND caused by predictable DNS query IDs. The connected sources consistently state DNS cache poisoning via BIND, with related discussions in Red Hat/Security advisories and CERT context. The materials do not provide a concrete patch version or...

5CVSS6.7AI score0.04935EPSS
CVE
CVE
added 1999/09/29 12:0 a.m.256 views

CVE-1999-0211

CVE-1999-0211 is tied to NFS export handling where extra long export lists (over 256 characters) in mount daemons enable unauthenticated mounting of NFS directories. Public sources (Red Hat security page, CVE lists, Nessus plugin) describe that an attacker could mount exported shares, with Nessus...

5CVSS6.7AI score0.01616EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.240 views

CVE-1999-0017

CVE-1999-0017 is a documented FTP bounce vulnerability where an FTP server can be abused to connect to arbitrary ports on an attacker-controlled host by exploiting the PORT/PORT-like mechanisms. The core issue is that an FTP server’s data connection handling allows bounce traffic to other hosts (...

7.5CVSS6.3AI score0.01959EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.212 views

CVE-2001-0797

CVE-2001-0797 is a buffer overflow in the System V–derived /bin/login (affecting login/telnetd implementations such as TTYPROMPT) triggered by a large number of arguments, enabling remote arbitrary-command execution. The vulnerability affects various System V based OSes and can be exploited via s...

10CVSS7.4AI score0.88836EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.208 views

CVE-2004-1082

CVE-2004-1082 affects Apache 1.3.31 and 1.3.32 on Mac OS X Server. The vulnerability arises in mod_digest_apple where the server does not properly verify the nonce in a client response, allowing remote attackers to replay credentials. The NVD entry (CVSS v2 base score 7.5, HIGH) indicates a netwo...

7.5CVSS8.1AI score0.07583EPSS
CVE
CVE
added 2003/04/15 4:0 a.m.200 views

CVE-2003-0201

CVE-2003-0201 describes a buffer overflow in Samba's trans2open handling. Specifically, the overflow occurs in call_trans2open in trans2.c, affecting Samba 2.2.x before 2.2.8a, Samba 2.0.x before 2.0.10 (and earlier 2.0.x releases), and Samba-TNG before 0.3.2. This allows remote attackers to exec...

10CVSS7.3AI score0.84502EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.180 views

CVE-1999-0038

CVE-1999-0038 describes a buffer overflow in the xlock program that allows local users to execute commands as root. The connected sources (Red Hat CVE entry, PT Security listing, and multiple feeds) corroborate a local-privilege escalation due to a buffer overflow in xlock, but the documents do n...

8.4CVSS7.9AI score0.01322EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.166 views

CVE-1999-0513

CVE-1999-0513 describes a vulnerability where ICMP messages to broadcast addresses are allowed, enabling a Smurf attack that can cause a denial of service. The primary sources (NVD, Red Hat, and CVE listings) consistently state that the issue involves ICMP traffic to broadcast addresses, resultin...

5CVSS7.3AI score0.70462EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.158 views

CVE-1999-0016

CVE-1999-0016 describes a land IP denial-of-service condition: a TCP packet with SYN set and identical source/destination addresses and ports can exhaust the target’s CPU. Connected records confirm the same issue reappears in later advisories (e.g., CVE-2005-0688) and is observed in Windows XP SP...

5CVSS6.6AI score0.95739EPSS
CVE
CVE
added 2007/02/12 8:0 p.m.156 views

CVE-2007-0882

CVE-2007-0882 affects Sun Solaris in.telnetd (Solaris 10/11, SunOS 5.10/5.11). The vulnerability is an argument-injection flaw that misinterprets certain client "-f" sequences as login requests, enabling remote login bypass (e.g., to bin account) without authentication. Public exploit indications...

10CVSS6.6AI score0.97848EPSS
CVE
CVE
added 2012/06/12 10:0 p.m.155 views

CVE-2012-0217

CVE-2012-0217 affects the x86-64 kernel sysret path across multiple platforms (Xen 4.1.2 and earlier, XenServer 6.0.2 and earlier, Solaris 11 and earlier, illumos before r13724, FreeBSD before 9.0-RELEASE-p3, NetBSD 6.0 Beta and earlier, Windows Server 2008 R2/R2 SP1/Windows 7 SP1, and others). T...

7.2CVSS6.3AI score0.37212EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.154 views

CVE-1999-0097

The CVE-1999-0097 entry concerns the AIX FTP client, where a malicious FTP server can force execution of shell commands on the client via metacharacters (for example, a pipe). The issue is documented across multiple sources (NVD, CVE list) and is consistent with historical CERT/Red Hat advisories...

10CVSS7.2AI score0.0404EPSS
CVE
CVE
added 2011/01/19 3:0 p.m.151 views

CVE-2010-2632

CVE-2010-2632 maps to a glibc glob implementation issue in the GNU C Library where crafted glob expressions can consume CPU/memory and cause a denial of service; the IBM page notes a related glibc glob DoS via STAT commands to an FTP daemon, clarifying the root cause as the libc glob implementati...

7.8CVSS5.3AI score0.32357EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.138 views

CVE-2002-0573

CVE-2002-0573 affects Solaris systems running the rpc.rwalld daemon (Solaris 2.5.1–8). The issue is a format-string vulnerability in the error-handling path of rpc.rwalld, which can allow a remote attacker to execute arbitrary code with the daemon’s privileges (typically root) by sending a specia...

7.5CVSS7.6AI score0.09217EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.134 views

CVE-1999-0003

CVE-1999-0003: A buffer overflow in the ToolTalk database server (rpc.ttdbserverd) may allow an attacker to execute arbitrary commands as root. Affected component is ToolTalk’s object database server; exploitation would require access to the vulnerable service. In the provided references, the imp...

10CVSS7.5AI score0.2438EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.129 views

CVE-2004-0790

CVE-2004-0790 describes a denial-of-service condition caused by spoofed ICMP error messages that disrupt TCP connections. In published connected materials, the vulnerability is tied to BIG-IP products, notably FastL4 accelerated virtual servers on ePVA-equipped platforms (e.g., VIPRION blades and...

5CVSS7.5AI score0.80675EPSS
CVE
CVE
added 2003/04/01 5:0 a.m.113 views

CVE-2003-0161

Technical details for CVE-2003-0161 are not publicly provided in the supplied documents; monitor for updates from the connected advisories and feeds.

10CVSS7.6AI score0.38188EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.113 views

CVE-2003-1063

The CVE-2003-1063 entry concerns Solaris 2.6/7 cachefs patches (105693-13, 108800-02, 105694-13, 108801-02) that overwrite inetd.conf. This may silently reenable services and allow remote attackers to bypass the intended security policy. Affected component: cachefs daemon on Solaris; root cause: ...

7.5CVSS6.8AI score0.01544EPSS
CVE
CVE
added 2003/09/18 4:0 a.m.111 views

CVE-2003-0694

CVE-2003-0694 affects Sendmail 8.12.9, where the prescan function (parsing SMTP headers in parseaddr.c) can be exploited remotely via a buffer overflow to execute arbitrary code. Debian DSA-384 also references CAN-2003-0694 in its two vulnerabilities entry. The available documents confirm affecte...

10CVSS7.7AI score0.60185EPSS
CVE
CVE
added 2003/03/21 5:0 a.m.110 views

CVE-2003-0028

Technical details about CVE-2003-0028 are not present in the provided documents. The connected sources reference the CVE in Debian/OpenVAS advisories but do not specify affected products, root cause, versions, impact, or fixes.

7.5CVSS9.8AI score0.15031EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.109 views

CVE-2001-0236

CVE-2001-0236 affects Solaris snmpXdmid, where a buffer/heap overflow in the SNMP-to-DMI mapper allows remote code execution via a long indication event. Affected platforms include SunOS 5.7/Solaris 7 and SunOS 5.8/Solaris 8. The vulnerability is triggered by handling crafted SNMP traps/indicatio...

10CVSS7.5AI score0.72036EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.106 views

CVE-1999-0046

The CVE-1999-0046 entry documents a buffer overflow in the rlogin program triggered by the TERM environment variable. Red Hat/NVD entries confirm a buffer overflow affecting rlogin; no specific vulnerable versions or patches are provided in the supplied sources. Exploitation details, affected pro...

10CVSS7.1AI score0.52811EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.106 views

CVE-1999-0165

Technical details about CVE-1999-0165 are not publicly available in the provided documents; no concrete affected products, versions, or fixes are specified. Monitor for updates from vendors and CVE sources.

10CVSS7.4AI score0.01954EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.104 views

CVE-2002-0391

CVE-2002-0391 describes an integer overflow in the xdr_array function of RPC servers using libc/glibc or SunRPC-based code (e.g., dietlibc), enabling remote code execution by passing a large number of RPC arguments. The OpenVAS/DSA entries show Debian advisories addressing this issue across multi...

10CVSS9.9AI score0.58133EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.101 views

CVE-2000-0844

The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...

10CVSS7.7AI score0.15349EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.101 views

CVE-2002-1317

The CVE-2002-1317 flaw affects the Solaris X Window Font Server (XFS) daemon fs.auto, where the Dispatch() function handles XFS queries. This remotely exploitable buffer overflow can allow an attacker to crash the service or execute arbitrary code with the fs.auto/Font Server privileges (typicall...

7.5CVSS8AI score0.24029EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.99 views

CVE-1999-0008

CVE-1999-0008: A buffer overflow in Sun NIS+ rpc.nisd (the remote RPC service 100300/nisd) allows a remote attacker to gain a root shell on the affected host. Multiple connected sources (OpenVAS/Nessus) describe it as a remote, network-exposed overflow with a base CVSS v2 score of 10.0 and full i...

10CVSS7AI score0.03904EPSS
CVE
CVE
added 2003/04/15 4:0 a.m.99 views

CVE-2003-0196

CVE-2003-0196 corresponds to multiple buffer overflows in Samba before 2.2.8a, enabling remote code execution or denial of service. The related CVE-2003-0201 describes a trans2open overflow; exploitation has been demonstrated in various Samba builds (2.2.0–2.2.8) across platforms (Linux, macOS, B...

10CVSS7.6AI score0.2276EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.98 views

CVE-1999-0019

Technical details about CVE-1999-0019 are not publicly available in the provided documents. Monitor for official advisories for affected products, impact, and remediation.

5CVSS7.3AI score0.0164EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.98 views

CVE-2002-1337

CVE-2002-1337 affects Sendmail 5.79 through 8.12.7, with a buffer overflow in header processing (crackaddr in headers.c) that enables remote code execution, reported as a high-severity issue. Public advisories and patches exist across multiple vendors: HP-UX patches PHNE_35483/35484 (and related ...

10CVSS7.6AI score0.72202EPSS
CVE
CVE
added 2007/09/23 11:0 p.m.97 views

CVE-2001-1583

CVE-2001-1583 affects the Solaris in.lpd (lpd) daemon shipped with Sun Solaris up to version 8.0. A crafted job request with a malformed control file, not correctly handled when lpd calls a mail program, allows remote command execution. Exploitation has been demonstrated in public advisories and ...

10CVSS7.5AI score0.834EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.95 views

CVE-1999-0009

Summary of CVE-1999-0009 from connected documents : The issue is an inverse query buffer overflow in BIND releases 4.9 and 8. The Red Hat entry mirrors the description: the vulnerability is an inverse query buffer overflow in BIND 4.9 and 8 releases. Tenable/Nessus references indicate this is a r...

10CVSS7.3AI score0.29013EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.95 views

CVE-2004-0791

CVE-2004-0791 covers a denial-of-service scenario where multiple TCP/IP and ICMP implementations can be disrupted by a blind throughput-reduction attack using spoofed Source Quench packets. The CVE is discussed across connected advisories; notably, F5 David advisories show that for BIG-IP product...

5CVSS7.5AI score0.2032EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.94 views

CVE-1999-0011

CVE-1999-0011 corresponds to Denial of Service vulnerabilities in BIND 4.9 and BIND 8, reported across multiple vendors. Public records indicate DoS via CNAME records and zone transfers. Affected products include BIND 4.9.x and 8.x; the root cause is not detailed in the provided documents beyond ...

10CVSS7AI score0.05469EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.92 views

CVE-1999-0010

CVE-1999-0010 describes a Denial of Service vulnerability in BIND 8 releases caused by maliciously formatted DNS messages. Connected docs corroborate the DoS issue and note remediation in HP-UX via patch PHNE_12957 for s700_800 11.00 Bind 4.9.7 components; other records repeat the DoS description...

5CVSS6.8AI score0.02371EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.92 views

CVE-1999-0015

CVE-1999-0015 is a Teardrop IP fragmentation denial-of-service vulnerability. The connected sources describe a flaw in IP fragment reassembly that can crash or disrupt a remote server, enabling a DoS condition without authentication. The nessus entry explicitly notes the attack payload (“teardrop...

5CVSS6.8AI score0.35689EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.88 views

CVE-1999-0023

CVE-1999-0023 affects the rdist utility, with the vulnerability located in the lookup() function where a buffer overflow can be exploited by a local user to gain root privileges. Connected documents consistently describe local privilege escalation via rdist’s lookup() overflow, with several advis...

7.2CVSS8AI score0.00775EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.88 views

CVE-1999-0078

CVE-1999-0078 affects pcnfsd (rpc.pcnfsd). The vulnerability allows local users to change file permissions or execute arbitrary commands via arguments in the RPC call. Practical impact is limited to local-privilege abuse as described in multiple sources, with no public fixes reported in the docum...

1.9CVSS7.3AI score0.00923EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.88 views

CVE-1999-0128

CVE-1999-0128 refers to a historic Ping of Death, where oversized ICMP echo packets can cause a denial of service. The initial entry and connected Red Hat/RedHat advisory records reiterate the same description without listing affected products, versions, root cause details, or exploitable vectors...

5CVSS9.2AI score0.74099EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.88 views

CVE-1999-0189

Solaris rpcbind exposes the RPC portmapper on a non-standard high UDP port in addition to the expected port 111. This port discovery can enable attackers to bypass basic firewall rules by querying the portmapper for the port numbers of RPC services. The issue is documented across multiple sources...

7.5CVSS6.7AI score0.01184EPSS
CVE
CVE
added 2004/07/06 4:0 a.m.88 views

CVE-2004-0496

The CVE-2004-0496 entry refers to multiple local vulnerabilities in the Linux kernel 2.6, distinct from CVE-2004-0495, discovered via Sparse. Connected sources (Gentoo GLSA advisories GLSA-200407-02 and GLSA-200407-16, OpenVAS NASLs, and NVD/NVD-style listings) corroborate that CAN-2004-0496 conc...

7.2CVSS6.5AI score0.00393EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.87 views

CVE-1999-0833

CVE-1999-0833 describes a buffer overflow in BIND 8.2 when processing NXT records. The vulnerability arises in the rrextract logic for NXT processing, where the dlen/n/cp1 handling can be coerced to overflow the destination, enabling remote code execution with the privileges of the named process....

7.5CVSS6.9AI score0.02141EPSS
CVE
CVE
added 2004/06/03 4:0 a.m.87 views

CVE-2004-0523

CVE-2004-0523 relates to MIT Kerberos 5 (krb5) 1.3.3 and earlier, where multiple buffer overflows in krb5_aname_to_localname allow a remote attacker to execute arbitrary code as root. Public details describe the vulnerability, its impact, and vendor responses. Affected products include MIT Kerber...

10CVSS9.8AI score0.11665EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.85 views

CVE-1999-0018

CVE-1999-0018 describes a buffer overflow in statd that permits root privileges . The vulnerability is consistently reported across Red Hat, CVE, NVD sources, describing the same impact. The provided documents do not specify affected OS versions, product families, or exact vulnerable components b...

10CVSS7.7AI score0.10483EPSS
CVE
CVE
added 2012/08/16 10:0 a.m.85 views

CVE-2012-4291

Wireshark CVE-2012-4291 affects the CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2. A malformed packet can cause a denial of service via memory consumption. Remediation per sources is to upgrade to fixed releases: Wireshark 1.4.15, 1.6.10, or 1.8.2 (de...

3.3CVSS6.3AI score0.01194EPSS
CVE
CVE
added 2012/08/16 10:0 a.m.84 views

CVE-2012-4285

Wireshark vulnerability CVE-2012-4285 affects the DCP ETSI dissector: in Wireshark 1.4.x < 1.4.15, 1.6.x < 1.6.10, and 1.8.x

3.3CVSS6.3AI score0.02083EPSS
Total number of security vulnerabilities561