Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SunSunos5.7

146 matches found

CVE
CVEadded 2005/06/28 4:0 a.m.50 views

CVE-2002-1980

Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.

7.2CVSS7.8AI score0.0006EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.50 views

CVE-2003-1078

The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.

7.5CVSS7.2AI score0.00602EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.49 views

CVE-2000-0337

Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter.

7.2CVSS7.2AI score0.00145EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.49 views

CVE-2003-1071

rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

2.1CVSS6.8AI score0.00322EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.48 views

CVE-1999-0442

Solaris ff.core allows local users to modify files.

2.1CVSS6.7AI score0.00154EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.48 views

CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

7.2CVSS6.7AI score0.00123EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.48 views

CVE-1999-0851

Denial of service in BIND named via naptr.

2.1CVSS6.6AI score0.00091EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.48 views

CVE-2000-0030

Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.

5CVSS6.7AI score0.00441EPSS
CVE
CVEadded 2002/05/03 4:0 a.m.48 views

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network tra...

5CVSS7.1AI score0.08688EPSS
CVE
CVEadded 2002/12/23 5:0 a.m.48 views

CVE-2002-1345

Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.

5CVSS6.5AI score0.02126EPSS
CVE
CVEadded 2003/08/27 4:0 a.m.48 views

CVE-2003-0669

Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.

1.2CVSS6.4AI score0.00058EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.47 views

CVE-1999-0949

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

7.2CVSS7.3AI score0.00145EPSS
CVE
CVEadded 2002/03/15 5:0 a.m.47 views

CVE-2002-0085

cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.

5CVSS6.4AI score0.01271EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.47 views

CVE-2002-1587

The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.

2.1CVSS6.6AI score0.00065EPSS
CVE
CVEadded 2005/06/28 4:0 a.m.47 views

CVE-2002-1871

pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.

7.2CVSS6.9AI score0.00056EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.47 views

CVE-2003-1061

Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.

1.2CVSS6.2AI score0.00063EPSS
CVE
CVEadded 2000/03/22 5:0 a.m.46 views

CVE-1999-0908

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

5CVSS6.8AI score0.03801EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.46 views

CVE-2003-0027

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

5CVSS6.7AI score0.65152EPSS
CVE
CVEadded 2003/08/27 4:0 a.m.46 views

CVE-2003-0609

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

7.2CVSS6.9AI score0.00729EPSS
CVE
CVEadded 2005/01/19 5:0 a.m.46 views

CVE-2004-1352

Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.

7.2CVSS7.7AI score0.00084EPSS
CVE
CVEadded 2006/05/05 11:0 p.m.46 views

CVE-2005-4797

Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.

5CVSS6.6AI score0.73269EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.45 views

CVE-1999-0417

64 bit Solaris 7 procfs allows local users to perform a denial of service.

2.1CVSS6.7AI score0.00195EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.45 views

CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

7.2CVSS7.2AI score0.00367EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.45 views

CVE-1999-0835

Denial of service in BIND named via malformed SIG records.

10CVSS6.6AI score0.00591EPSS
CVE
CVEadded 2000/06/02 4:0 a.m.45 views

CVE-1999-0859

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

2.1CVSS6.6AI score0.00175EPSS
CVE
CVEadded 2002/10/28 5:0 a.m.45 views

CVE-2002-1228

Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.

5CVSS6.2AI score0.00703EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.45 views

CVE-2003-0092

Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

7.2CVSS7.1AI score0.0005EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.45 views

CVE-2003-1069

The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

5CVSS7.1AI score0.00763EPSS
CVE
CVEadded 2005/05/16 4:0 a.m.45 views

CVE-2005-1591

Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.

5CVSS7AI score0.00655EPSS
CVE
CVEadded 2002/08/12 4:0 a.m.44 views

CVE-2002-0797

Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

10CVSS7.3AI score0.05285EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.44 views

CVE-2002-1199

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

5CVSS6.5AI score0.02144EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.44 views

CVE-2003-0091

Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

7.2CVSS7.1AI score0.00077EPSS
CVE
CVEadded 2005/02/08 5:0 a.m.44 views

CVE-2003-1060

The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

5CVSS7.1AI score0.00739EPSS
CVE
CVEadded 2005/09/28 11:3 p.m.44 views

CVE-2005-3099

Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.

4.6CVSS6.8AI score0.00078EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.43 views

CVE-1999-0840

Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.

7.2CVSS7.2AI score0.00236EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.43 views

CVE-1999-1080

rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volc...

7.2CVSS7.2AI score0.00061EPSS
CVE
CVEadded 2001/05/07 4:0 a.m.43 views

CVE-2001-0165

Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.

7.2CVSS7.2AI score0.00138EPSS
CVE
CVEadded 2001/06/18 4:0 a.m.43 views

CVE-2001-0401

Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.

7.2CVSS7.7AI score0.00178EPSS
CVE
CVEadded 2002/07/03 4:0 a.m.43 views

CVE-2002-0572

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to ...

7.2CVSS6AI score0.00211EPSS
CVE
CVEadded 2005/02/15 5:0 a.m.43 views

CVE-2005-0447

Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.

5CVSS7AI score0.00911EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.42 views

CVE-1999-0837

Denial of service in BIND by improperly closing TCP sessions via so_linger.

10CVSS6.6AI score0.01145EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.42 views

CVE-1999-0841

Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.

7.2CVSS7.2AI score0.00343EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.42 views

CVE-1999-0948

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

7.2CVSS7.3AI score0.00145EPSS
CVE
CVEadded 2001/05/07 4:0 a.m.42 views

CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

7.2CVSS7.8AI score0.0023EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.42 views

CVE-2001-0422

Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.

7.2CVSS7.7AI score0.00263EPSS
CVE
CVEadded 2004/01/05 5:0 a.m.42 views

CVE-2003-0999

Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.

7.2CVSS8AI score0.00058EPSS
CVE
CVEadded 2005/01/19 5:0 a.m.42 views

CVE-2004-1359

Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.

4.6CVSS7.5AI score0.00094EPSS
CVE
CVEadded 2005/03/10 5:0 a.m.42 views

CVE-2004-1767

The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.

7.2CVSS6.5AI score0.00066EPSS
CVE
CVEadded 2005/05/11 4:0 a.m.42 views

CVE-2005-1518

Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.

2.1CVSS6.6AI score0.00058EPSS
CVE
CVEadded 2000/01/04 5:0 a.m.41 views

CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

7.2CVSS7.6AI score0.00126EPSS
Total number of security vulnerabilities146