Lucene search

SunSunos

561 matches found

added 2002/03/09 5:0 a.m., 54 views

CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

CVSS 2.1, AI score 6.8, EPSS 0.00121

added 2004/09/01 4:0 a.m., 54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

CVSS 4.6, AI score 6.2, EPSS 0.00082

added 2005/02/08 5:0 a.m., 54 views

CVE-2003-1068

Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

CVSS 7.2, AI score 6.8, EPSS 0.00144

added 2004/11/23 5:0 a.m., 54 views

CVE-2004-0360

Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.

CVSS 7.2, AI score 6.3, EPSS 0.00265

added 2006/01/10 7:0 p.m., 54 views

CVE-2004-0780

Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.

CVSS 7.2, AI score 7.2, EPSS 0.00084

added 2005/05/04 4:0 a.m., 54 views

CVE-2004-1307

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflo...

CVSS 7.5, AI score 7.7, EPSS 0.05111

added 2006/10/10 4:6 a.m., 54 views

CVE-2006-5215

The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.

CVSS 2.6, AI score 6.1, EPSS 0.00079

added 2013/07/17 1:41 p.m., 54 views

CVE-2013-3799

Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.

CVSS 4.9, AI score 5.6, EPSS 0.0014

added 1999/09/29 4:0 a.m., 53 views

CVE-1999-0302

SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.

CVSS 7.5, AI score 8.2, EPSS 0.00639

added 2000/02/04 5:0 a.m., 53 views

CVE-1999-0818

Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.

CVSS 7.2, AI score 7.2, EPSS 0.0041

added 2005/08/30 4:0 a.m., 53 views

CVE-1999-1586

loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.

CVSS 7.2, AI score 6.5, EPSS 0.00477

added 2001/01/22 5:0 a.m., 53 views

CVE-2000-0949

Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.

CVSS 7.2, AI score 7.4, EPSS 0.00192

added 2007/09/23 11:0 p.m., 53 views

CVE-2001-1582

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

CVSS 7.2, AI score 7.7, EPSS 0.00171

added 2002/03/15 5:0 a.m., 53 views

CVE-2002-0084

Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.

CVSS 7.2, AI score 6.5, EPSS 0.03227

added 2004/09/01 4:0 a.m., 53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

CVSS 7.5, AI score 7.2, EPSS 0.00871

added 2007/04/16 10:19 p.m., 53 views

CVE-2007-2045

Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.

CVSS 5, AI score 6.6, EPSS 0.01824

added 2000/01/04 5:0 a.m., 52 views

CVE-1999-0212

Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.

CVSS 7.8, AI score 7.4, EPSS 0.00727

added 1999/09/29 4:0 a.m., 52 views

CVE-1999-0301

Buffer overflow in SunOS/Solaris ps command.

CVSS 7.2, AI score 7.1, EPSS 0.0041

added 2000/10/13 4:0 a.m., 52 views

CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

CVSS 7.2, AI score 6.8, EPSS 0.00344

added 2001/06/18 4:0 a.m., 52 views

CVE-2001-0403

/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.

CVSS 7.2, AI score 6.8, EPSS 0.00148

added 2001/07/02 4:0 a.m., 52 views

CVE-2001-0426

Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable.

CVSS 7.2, AI score 7.3, EPSS 0.00126

added 2005/02/08 5:0 a.m., 52 views

CVE-2003-1073

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes pla...

CVSS 1.2, AI score 6.6, EPSS 0.00165

added 2005/05/02 4:0 a.m., 52 views

CVE-2005-0426

Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.

CVSS 5, AI score 7, EPSS 0.00739

added 1999/09/29 4:0 a.m., 51 views

CVE-1999-0065

Multiple buffer overflows in how dtmail handles attachments allow a remote attacker to execute commands.

CVSS 7.5, AI score 7.9, EPSS 0.01279

added 1999/09/29 4:0 a.m., 51 views

CVE-1999-0134

vold in Solaris 2.x allows local users to gain root access.

CVSS 7.2, AI score 7.3, EPSS 0.0006

added 1999/09/29 4:0 a.m., 51 views

CVE-1999-0188

The passwd command in Solaris can be subjected to a denial of service.

CVSS 7.2, AI score 7.3, EPSS 0.00067

added 1999/09/29 4:0 a.m., 51 views

CVE-1999-0315

Buffer overflow in Solaris fdformat command gives root access to local users.

CVSS 7.2, AI score 7, EPSS 0.00145

added 2000/02/04 5:0 a.m., 51 views

CVE-1999-0370

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

CVSS 4.6, AI score 7.3, EPSS 0.00082

added 2002/03/09 5:0 a.m., 51 views

CVE-2001-0699

Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument.

CVSS 7.2, AI score 7.8, EPSS 0.00058

added 2007/02/13 1:28 a.m., 51 views

CVE-2007-0895

Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir ...

CVSS 2.6, AI score 6.1, EPSS 0.00074

added 2000/02/04 5:0 a.m., 50 views

CVE-1999-0104

A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

CVSS 5, AI score 7.4, EPSS 0.03605

added 1999/09/29 4:0 a.m., 50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

CVSS 4.6, AI score 6.6, EPSS 0.00122

added 2000/02/04 5:0 a.m., 50 views

CVE-1999-0213

libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.

CVSS 10, AI score 7.2, EPSS 0.00483

added 1999/09/29 4:0 a.m., 50 views

CVE-1999-0214

Denial of service by sending forged ICMP unreachable packets.

CVSS 10, AI score 7.4, EPSS 0.00483

added 1999/09/29 4:0 a.m., 50 views

CVE-1999-0320

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

CVSS 9.3, AI score 6.8, EPSS 0.00483

added 1999/09/29 4:0 a.m., 50 views

CVE-1999-0334

In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.

CVSS 7.2, AI score 6.9, EPSS 0.0006

added 2000/02/04 5:0 a.m., 50 views

CVE-1999-0345

Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

CVSS 5, AI score 7.3, EPSS 0.00504

added 2000/01/18 5:0 a.m., 50 views

CVE-1999-0875

DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.

CVSS 7.5, AI score 7.1, EPSS 0.22421

added 2000/05/18 4:0 a.m., 50 views

CVE-2000-0317

Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.

CVSS 7.2, AI score 7.2, EPSS 0.0011

added 2001/05/07 4:0 a.m., 50 views

CVE-2001-0190

Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).

CVSS 7.2, AI score 6.9, EPSS 0.00068

added 2004/09/01 4:0 a.m., 50 views

CVE-2001-1328

Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.

CVSS 7.5, AI score 7.7, EPSS 0.06209

added 2003/04/02 5:0 a.m., 50 views

CVE-2002-0679

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

CVSS 10, AI score 7.9, EPSS 0.70866

added 2005/02/08 5:0 a.m., 50 views

CVE-2002-1584

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

CVSS 10, AI score 7.7, EPSS 0.05257

added 2005/06/28 4:0 a.m., 50 views

CVE-2002-1980

Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.

CVSS 7.2, AI score 7.8, EPSS 0.0006

added 2005/02/08 5:0 a.m., 50 views

CVE-2003-1078

The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.

CVSS 7.5, AI score 7.2, EPSS 0.00602

added 2005/01/19 5:0 a.m., 50 views

CVE-2004-1355

Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.

CVSS 2.1, AI score 6.5, EPSS 0.00071

added 2007/06/06 9:30 p.m., 50 views

CVE-2007-3093

Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.

CVSS 10, AI score 7.6, EPSS 0.1406

added 2007/06/06 9:30 p.m., 50 views

CVE-2007-3094

Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.

CVSS 9, AI score 7.4, EPSS 0.02031

added 2011/07/21 12:55 a.m., 50 views

CVE-2011-2298

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.

CVSS 5, AI score 6.3, EPSS 0.00455

added 1999/09/29 4:0 a.m., 49 views

CVE-1999-0032

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

CVSS 7.2, AI score 7.7, EPSS 0.00221

Total number of security vulnerabilities: 561