Lucene search

K
SunSunos

561 matches found

CVE
CVE
added 2002/03/09 5:0 a.m.6366 views

CVE-2001-0554

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

10CVSS7.4AI score0.27436EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.710 views

CVE-1999-0517

An SNMP community name is the default (e.g. public), null, or missing.

7.5CVSS6.7AI score0.92333EPSS
CVE
CVE
added 2005/11/01 12:47 p.m.426 views

CVE-2005-3398

The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

4.3CVSS6.2AI score0.39542EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.423 views

CVE-1999-0502

A Unix account has a default, null, blank, or missing password.

7.5CVSS6.4AI score0.35822EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.370 views

CVE-1999-0024

DNS cache poisoning via BIND, by predictable query IDs.

5CVSS6.7AI score0.01325EPSS
CVE
CVE
added 1999/09/29 12:0 a.m.233 views

CVE-1999-0211

Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.

5CVSS6.7AI score0.00974EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.200 views

CVE-1999-0017

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

7.5CVSS6.3AI score0.01136EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.176 views

CVE-2004-1082

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

7.5CVSS8.1AI score0.05469EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.162 views

CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as root.

8.4CVSS7.9AI score0.00114EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.147 views

CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

5CVSS7.3AI score0.25583EPSS
CVE
CVE
added 2007/02/12 8:28 p.m.138 views

CVE-2007-0882

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by th...

10CVSS6.6AI score0.9135EPSS
CVE
CVE
added 2012/06/12 10:55 p.m.122 views

CVE-2012-0217

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft...

7.2CVSS6.3AI score0.88861EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.121 views

CVE-1999-0016

Land IP denial of service.

5CVSS6.6AI score0.72572EPSS
CVE
CVE
added 2011/01/19 4:0 p.m.120 views

CVE-2010-2632

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the gl...

7.8CVSS5.3AI score0.12495EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.119 views

CVE-2002-0573

Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.

7.5CVSS7.6AI score0.47418EPSS
CVE
CVE
added 2003/05/05 4:0 a.m.118 views

CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

10CVSS7.3AI score0.76919EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.112 views

CVE-1999-0003

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

10CVSS7.5AI score0.90339EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.105 views

CVE-2004-0790

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0...

5CVSS7.5AI score0.79728EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.102 views

CVE-1999-0097

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

10CVSS7.2AI score0.01076EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.98 views

CVE-2003-1063

The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.

7.5CVSS6.8AI score0.00428EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.93 views

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers...

10CVSS7.6AI score0.71952EPSS
CVE
CVE
added 2003/10/06 4:0 a.m.92 views

CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

10CVSS7.7AI score0.7608EPSS
CVE
CVE
added 2003/03/25 5:0 a.m.89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.88 views

CVE-1999-0165

NFS cache poisoning.

10CVSS7.4AI score0.00946EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.86 views

CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

10CVSS7.7AI score0.00891EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.84 views

CVE-1999-0046

Buffer overflow of rlogin program using TERM environmental variable.

10CVSS7.1AI score0.0353EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS
CVE
CVE
added 2007/09/23 11:0 p.m.81 views

CVE-2001-1583

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.

10CVSS7.5AI score0.59815EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.81 views

CVE-2002-0391

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

10CVSS9.9AI score0.0457EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.79 views

CVE-1999-0008

Buffer overflow in NIS+, in Sun's rpc.nisd program.

10CVSS7AI score0.03952EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.79 views

CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

10CVSS7.6AI score0.623EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.76 views

CVE-1999-0009

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

10CVSS7.3AI score0.8048EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.76 views

CVE-1999-0011

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

10CVSS7AI score0.10976EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.76 views

CVE-1999-0015

Teardrop IP denial of service.

5CVSS6.8AI score0.25851EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.76 views

CVE-1999-0019

Delete or create a file via rpc.statd, due to invalid information.

5CVSS7.3AI score0.01078EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.75 views

CVE-1999-0010

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

5CVSS6.8AI score0.02EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.75 views

CVE-2004-0791

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and C...

5CVSS7.5AI score0.79728EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.74 views

CVE-2001-0236

Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.

10CVSS7.5AI score0.77743EPSS
CVE
CVE
added 2003/05/05 4:0 a.m.74 views

CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

10CVSS7.6AI score0.76919EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.73 views

CVE-1999-0018

Buffer overflow in statd allows root privileges.

10CVSS7.7AI score0.10302EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.73 views

CVE-1999-0189

Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.

7.5CVSS6.7AI score0.00489EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.72 views

CVE-1999-0128

Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

5CVSS9.2AI score0.15798EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0023

Local user gains root privileges via buffer overflow in rdist, via lookup() function.

7.2CVSS8AI score0.00705EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.69 views

CVE-1999-0833

Buffer overflow in BIND 8.2 via NXT records.

7.5CVSS6.9AI score0.01515EPSS
CVE
CVE
added 2004/12/06 5:0 a.m.69 views

CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.0006EPSS
CVE
CVE
added 2002/07/23 4:0 a.m.68 views

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

7.5CVSS6.8AI score0.19026EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.67 views

CVE-1999-0078

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

1.9CVSS7.3AI score0.00139EPSS
CVE
CVE
added 2002/07/26 4:0 a.m.65 views

CVE-2002-0436

sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.

10CVSS7.6AI score0.03931EPSS
CVE
CVE
added 2012/08/16 10:38 a.m.65 views

CVE-2012-4285

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.

3.3CVSS6.3AI score0.00652EPSS
Total number of security vulnerabilities561