Sunos@5.5.1 Security Vulnerabilities and Issues — Page 2 of Sunos@5.5.1 CVE List

Lucene search

SunSunos5.5.1

112 matches found

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0315

Buffer overflow in Solaris fdformat command gives root access to local users.

7.2CVSS7AI score0.00145EPSS

CVE•added 2000/02/04 5:0 a.m.•51 views

CVE-1999-0370

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

4.6CVSS7.3AI score0.00082EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

4.6CVSS6.6AI score0.00122EPSS

CVE•added 2000/02/04 5:0 a.m.•50 views

CVE-1999-0213

libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.

10CVSS7.2AI score0.00483EPSS

CVE•added 1999/09/29 4:0 a.m.•50 views

CVE-1999-0320

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

9.3CVSS6.8AI score0.00483EPSS

CVE•added 2001/05/07 4:0 a.m.•50 views

CVE-2001-0190

Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).

7.2CVSS6.9AI score0.00068EPSS

CVE•added 2004/09/01 4:0 a.m.•50 views

CVE-2001-1328

Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.

7.5CVSS7.7AI score0.06209EPSS

CVE•added 2003/04/02 5:0 a.m.•50 views

CVE-2002-0679

Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

10CVSS7.9AI score0.70866EPSS

CVE•added 2005/02/08 5:0 a.m.•50 views

CVE-2002-1584

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

10CVSS7.7AI score0.05257EPSS

CVE•added 2005/06/28 4:0 a.m.•50 views

CVE-2002-1980

Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.

7.2CVSS7.8AI score0.0006EPSS

CVE•added 1999/09/29 4:0 a.m.•49 views

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

7.2CVSS7.9AI score0.003EPSS

CVE•added 2005/02/08 5:0 a.m.•49 views

CVE-2003-1071

rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

2.1CVSS6.8AI score0.00322EPSS

CVE•added 1999/09/29 4:0 a.m.•48 views

CVE-1999-0136

Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access.

7.2CVSS6.9AI score0.0006EPSS

CVE•added 1999/09/29 4:0 a.m.•48 views

CVE-1999-0442

Solaris ff.core allows local users to modify files.

2.1CVSS6.7AI score0.00154EPSS

CVE•added 2000/01/04 5:0 a.m.•48 views

CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

7.2CVSS6.7AI score0.00123EPSS

CVE•added 2002/05/03 4:0 a.m.•48 views

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network tra...

5CVSS7.1AI score0.08688EPSS

CVE•added 2000/02/04 5:0 a.m.•47 views

CVE-1999-0033

Command execution in Sun systems via buffer overflow in the at program.

7.2CVSS8.1AI score0.00137EPSS

CVE•added 1999/09/29 4:0 a.m.•47 views

CVE-1999-0109

Buffer overflow in ffbconfig in Solaris 2.5.1.

7.2CVSS7.7AI score0.00362EPSS

CVE•added 2005/02/08 5:0 a.m.•47 views

CVE-2002-1587

The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.

2.1CVSS6.6AI score0.00065EPSS

CVE•added 2005/06/28 4:0 a.m.•47 views

CVE-2002-1871

pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.

7.2CVSS6.9AI score0.00056EPSS

CVE•added 1999/09/29 4:0 a.m.•46 views

CVE-1999-0135

admintool in Solaris allows a local user to write to arbitrary files and gain root access.

7.2CVSS7.5AI score0.0006EPSS

CVE•added 1999/09/29 4:0 a.m.•46 views

CVE-1999-0190

Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.

7.2CVSS7.7AI score0.00067EPSS

CVE•added 2000/03/22 5:0 a.m.•46 views

CVE-1999-0908

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

5CVSS6.8AI score0.03801EPSS

CVE•added 2004/09/01 4:0 a.m.•46 views

CVE-2003-0027

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

5CVSS6.7AI score0.65152EPSS

CVE•added 2000/01/04 5:0 a.m.•45 views

CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

7.2CVSS7.2AI score0.00367EPSS

CVE•added 2000/06/02 4:0 a.m.•45 views

CVE-1999-0859

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

2.1CVSS6.6AI score0.00175EPSS

CVE•added 2002/10/28 5:0 a.m.•45 views

CVE-2002-1228

Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.

5CVSS6.2AI score0.00703EPSS

CVE•added 2003/04/02 5:0 a.m.•45 views

CVE-2003-0092

Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

7.2CVSS7.1AI score0.0005EPSS

CVE•added 1999/09/29 4:0 a.m.•44 views

CVE-1999-0051

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

7.2CVSS7.4AI score0.00246EPSS

CVE•added 2003/04/02 5:0 a.m.•44 views

CVE-2003-0091

Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

7.2CVSS7.1AI score0.00077EPSS

CVE•added 1999/09/29 4:0 a.m.•43 views

CVE-1999-0273

Denial of service through Solaris 2.5.1 telnet by sending ^D characters.

5CVSS6.8AI score0.00504EPSS

CVE•added 2001/06/18 4:0 a.m.•43 views

CVE-2001-0401

Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.

7.2CVSS7.7AI score0.00178EPSS

CVE•added 2002/07/03 4:0 a.m.•43 views

CVE-2002-0572

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to ...

7.2CVSS6AI score0.00211EPSS

CVE•added 2000/03/22 5:0 a.m.•42 views

CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

4.6CVSS6.8AI score0.00154EPSS

CVE•added 2001/05/07 4:0 a.m.•42 views

CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

7.2CVSS7.8AI score0.0023EPSS

CVE•added 2001/05/07 4:0 a.m.•42 views

CVE-2001-0124

Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.

7.2CVSS7.4AI score0.00053EPSS

CVE•added 2002/03/09 5:0 a.m.•42 views

CVE-2001-0422

Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.

7.2CVSS7.7AI score0.00263EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0185

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

7.5CVSS7.7AI score0.02697EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0300

nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.

7.5CVSS7.4AI score0.00489EPSS

CVE•added 1999/09/29 4:0 a.m.•41 views

CVE-1999-0369

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

7.2CVSS8.2AI score0.0041EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

7.2CVSS7.6AI score0.00126EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0973

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

10CVSS7.6AI score0.03141EPSS

CVE•added 2000/01/04 5:0 a.m.•41 views

CVE-1999-0974

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

10CVSS7.7AI score0.0244EPSS

CVE•added 2001/09/12 4:0 a.m.•41 views

CVE-1999-1158

Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.

7.2CVSS7.9AI score0.00143EPSS

CVE•added 2002/02/02 5:0 a.m.•41 views

CVE-2001-1076

Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.

7.2CVSS7.8AI score0.00209EPSS

CVE•added 1999/09/29 4:0 a.m.•40 views

CVE-1999-0303

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

4.6CVSS7.7AI score0.00055EPSS

CVE•added 1999/09/29 4:0 a.m.•40 views

CVE-1999-0339

Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

7.2CVSS7.7AI score0.00063EPSS

CVE•added 2001/09/12 4:0 a.m.•40 views

CVE-1999-1371

Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.

7.2CVSS7.2AI score0.00138EPSS

CVE•added 2002/03/09 5:0 a.m.•40 views

CVE-1999-1423

ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

2.1CVSS7AI score0.00331EPSS

CVE•added 2000/01/04 5:0 a.m.•39 views

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

7.2CVSS7.6AI score0.00115EPSS

Total number of security vulnerabilities112