Sunos@5.10 Security Vulnerabilities and Issues — Sunos@5.10 CVE List

Lucene search

SunSunos5.10

11 matches found

CVE•added 2007/02/12 8:28 p.m.•138 views

CVE-2007-0882

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by th...

10CVSS6.6AI score0.9135EPSS

CVE•added 2007/07/12 4:30 p.m.•59 views

CVE-2007-3717

rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.

6.9CVSS9.1AI score0.00082EPSS

CVE•added 2007/06/06 9:30 p.m.•50 views

CVE-2007-3093

Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.

10CVSS7.6AI score0.1406EPSS

CVE•added 2007/06/06 9:30 p.m.•50 views

CVE-2007-3094

Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.

9CVSS7.4AI score0.02031EPSS

CVE•added 2007/06/14 11:30 p.m.•49 views

CVE-2007-3223

Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.

7.8CVSS6.6AI score0.02139EPSS

CVE•added 2007/12/04 3:46 p.m.•47 views

CVE-2007-6216

Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs.

4.7CVSS6.1AI score0.00045EPSS

CVE•added 2007/11/10 2:46 a.m.•43 views

CVE-2007-5921

Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.

4.7CVSS6AI score0.00087EPSS

CVE•added 2007/10/12 9:17 p.m.•41 views

CVE-2007-5422

Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors.

4.9CVSS6.2AI score0.00058EPSS

CVE•added 2007/05/30 1:30 a.m.•40 views

CVE-2007-2882

Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.

5CVSS6.4AI score0.02604EPSS

CVE•added 2007/05/09 12:19 a.m.•39 views

CVE-2007-2529

Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL.

7.2CVSS6.5AI score0.00058EPSS

CVE•added 2007/10/05 12:17 a.m.•36 views

CVE-2007-5225

Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.

4.9CVSS5.7AI score0.00187EPSS