Sunos@5.11 Security Vulnerabilities and Issues — Sunos@5.11 CVE List

Lucene search

SunSunos5.11

126 matches found

CVE•added 2007/02/12 8:28 p.m.•138 views

CVE-2007-0882

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by th...

10CVSS6.6AI score0.9135EPSS

CVE•added 2011/01/19 4:0 p.m.•120 views

CVE-2010-2632

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the gl...

7.8CVSS5.3AI score0.25067EPSS

CVE•added 2012/08/16 10:38 a.m.•65 views

CVE-2012-4285

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.

3.3CVSS6.3AI score0.00652EPSS

CVE•added 2012/08/16 10:38 a.m.•63 views

CVE-2012-4289

epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.

3.3CVSS6.3AI score0.00292EPSS

CVE•added 2012/08/16 10:38 a.m.•61 views

CVE-2012-4291

The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

3.3CVSS6.3AI score0.00895EPSS

CVE•added 2012/08/16 10:38 a.m.•59 views

CVE-2012-4293

plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.

3.3CVSS6.3AI score0.00971EPSS

CVE•added 2012/08/16 10:38 a.m.•58 views

CVE-2012-4290

The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.

3.3CVSS6.3AI score0.00895EPSS

CVE•added 2012/08/16 10:38 a.m.•58 views

CVE-2012-4296

Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.

3.3CVSS6.5AI score0.01461EPSS

CVE•added 2012/08/16 10:38 a.m.•57 views

CVE-2012-4292

The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial ...

3.3CVSS6.2AI score0.0113EPSS

CVE•added 2012/08/16 10:38 a.m.•56 views

CVE-2012-4288

Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.

3.3CVSS6.6AI score0.00971EPSS

CVE•added 2012/08/16 10:38 a.m.•56 views

CVE-2012-4295

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

3.3CVSS6.3AI score0.01081EPSS

CVE•added 2012/08/16 10:38 a.m.•56 views

CVE-2012-4298

Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.

5.4CVSS7.5AI score0.00919EPSS

CVE•added 2012/08/16 10:38 a.m.•55 views

CVE-2012-4287

epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.

5CVSS6.3AI score0.02866EPSS

CVE•added 2013/07/17 1:41 p.m.•54 views

CVE-2013-3799

Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.

4.9CVSS5.6AI score0.0014EPSS

CVE•added 2011/07/21 12:55 a.m.•50 views

CVE-2011-2298

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.

5CVSS6.3AI score0.00455EPSS

CVE•added 2012/08/16 10:38 a.m.•49 views

CVE-2012-4297

Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.

8.3CVSS7.7AI score0.08501EPSS

CVE•added 2013/04/17 12:14 p.m.•49 views

CVE-2013-1498

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.

4.9CVSS5.5AI score0.00048EPSS

CVE•added 2011/07/21 12:55 a.m.•48 views

CVE-2011-2295

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to Driver/USB.

4.7CVSS5.7AI score0.00049EPSS

CVE•added 2014/10/15 10:55 p.m.•47 views

CVE-2014-6501

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality via vectors related to SSH.

2.1CVSS5.4AI score0.00133EPSS

CVE•added 2011/10/18 10:55 p.m.•46 views

CVE-2011-3543

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to iSCSI DataMover (IDM).

7.8CVSS6.3AI score0.0081EPSS

CVE•added 2012/01/18 10:55 p.m.•46 views

CVE-2012-0100

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos.

6.8CVSS5.5AI score0.00028EPSS

CVE•added 2012/05/03 10:55 p.m.•46 views

CVE-2012-1681

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel/sockfs.

4.9CVSS5.6AI score0.00045EPSS

CVE•added 2012/10/17 12:55 a.m.•46 views

CVE-2012-3210

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via unknown vectors related to Kernel.

7.8CVSS6.1AI score0.0081EPSS

CVE•added 2014/10/15 3:55 p.m.•46 views

CVE-2014-4284

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4280.

4.4CVSS5.7AI score0.00144EPSS

CVE•added 2011/04/20 10:55 a.m.•45 views

CVE-2011-0813

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098.

4.9CVSS5.5AI score0.00062EPSS

CVE•added 2011/07/20 11:55 p.m.•45 views

CVE-2011-2259

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.

4.9CVSS5.9AI score0.00049EPSS

CVE•added 2012/05/03 10:55 p.m.•45 views

CVE-2012-1691

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Privileges.

6.6CVSS5.7AI score0.00063EPSS

CVE•added 2012/07/17 10:55 p.m.•45 views

CVE-2012-1750

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to mailx.

4.4CVSS5.5AI score0.00147EPSS

CVE•added 2012/08/16 10:38 a.m.•45 views

CVE-2012-4294

Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.

5.8CVSS7.7AI score0.03416EPSS

CVE•added 2015/01/21 7:59 p.m.•45 views

CVE-2015-0429

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.

3.3CVSS5.5AI score0.0006EPSS

CVE•added 2011/04/20 10:55 a.m.•44 views

CVE-2011-0841

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.

7.8CVSS6.3AI score0.00491EPSS

CVE•added 2012/05/03 10:55 p.m.•44 views

CVE-2012-1683

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd.

5.9CVSS8AI score0.00045EPSS

CVE•added 2014/10/15 10:55 p.m.•44 views

CVE-2014-6529

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver.

6.8CVSS6.1AI score0.00672EPSS

CVE•added 2015/01/21 3:28 p.m.•44 views

CVE-2014-6570

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6600 and CVE-2015-0397.

4.9CVSS5.6AI score0.00061EPSS

CVE•added 2014/04/16 12:55 a.m.•43 views

CVE-2014-0442

Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Print Filter Utility.

4.6CVSS5.5AI score0.0007EPSS

CVE•added 2014/10/15 3:55 p.m.•43 views

CVE-2014-4276

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Common Internet File System (CIFS).

7.5CVSS6.1AI score0.00661EPSS

CVE•added 2014/10/15 3:55 p.m.•43 views

CVE-2014-4283

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4277.

4.3CVSS5.9AI score0.00428EPSS

CVE•added 2014/10/15 3:55 p.m.•43 views

CVE-2014-6473

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Framework.

7.2CVSS5.6AI score0.0014EPSS

CVE•added 2015/01/21 2:59 p.m.•43 views

CVE-2014-6481

Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect confidentiality via vectors related to KSSL.

4.3CVSS5.8AI score0.0025EPSS

CVE•added 2015/01/21 3:28 p.m.•43 views

CVE-2014-6575

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.

5CVSS8.3AI score0.11484EPSS

CVE•added 2015/01/21 6:59 p.m.•43 views

CVE-2014-6600

4.9CVSS5.6AI score0.00061EPSS

CVE•added 2015/01/21 6:59 p.m.•43 views

CVE-2015-0375

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.

5CVSS5.8AI score0.01165EPSS

CVE•added 2015/01/21 7:59 p.m.•43 views

CVE-2015-0428

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.

4.9CVSS5.6AI score0.00045EPSS

CVE•added 2011/01/19 5:0 p.m.•42 views

CVE-2010-4443

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.

4.4CVSS5.9AI score0.00059EPSS

CVE•added 2011/01/19 5:0 p.m.•42 views

CVE-2010-4446

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RDS and Kernel/InfiniBand.

4.6CVSS5.7AI score0.00043EPSS

CVE•added 2011/07/21 12:55 a.m.•42 views

CVE-2011-2293

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Zones.

4.9CVSS5.7AI score0.00049EPSS

CVE•added 2012/10/17 12:55 a.m.•42 views

CVE-2012-3165

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality and integrity via unknown vectors related to mailx.

3.6CVSS5.3AI score0.00153EPSS

CVE•added 2012/08/16 10:38 a.m.•42 views

CVE-2012-4286

The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.

4.3CVSS6.2AI score0.02186EPSS

CVE•added 2013/04/17 12:14 p.m.•42 views

CVE-2013-0403

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility.

1.9CVSS5.5AI score0.00055EPSS

CVE•added 2013/07/17 1:41 p.m.•42 views

CVE-2013-3745

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.

2.1CVSS5.6AI score0.00123EPSS

Total number of security vulnerabilities126