Lucene search

K

212 matches found

CVE
CVE
added 2002/03/09 5:0 a.m.6366 views

CVE-2001-0554

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

10CVSS7.4AI score0.27436EPSS
CVE
CVE
added 2005/11/01 12:47 p.m.426 views

CVE-2005-3398

The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

4.3CVSS6.2AI score0.39542EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.423 views

CVE-1999-0502

A Unix account has a default, null, blank, or missing password.

7.5CVSS6.4AI score0.35822EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.176 views

CVE-2004-1082

mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

7.5CVSS8.1AI score0.05469EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.153 views

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

10CVSS7.4AI score0.88625EPSS
CVE
CVE
added 2011/01/19 4:0 p.m.120 views

CVE-2010-2632

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the gl...

7.8CVSS5.3AI score0.12495EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.119 views

CVE-2002-0573

Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.

7.5CVSS7.6AI score0.47418EPSS
CVE
CVE
added 2003/05/05 4:0 a.m.118 views

CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

10CVSS7.3AI score0.76919EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.105 views

CVE-2004-0790

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0...

5CVSS7.5AI score0.79728EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.93 views

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers...

10CVSS7.6AI score0.71952EPSS
CVE
CVE
added 2003/10/06 4:0 a.m.92 views

CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

10CVSS7.7AI score0.7608EPSS
CVE
CVE
added 2003/03/25 5:0 a.m.89 views

CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a differ...

7.5CVSS9.8AI score0.56051EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.86 views

CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

10CVSS7.7AI score0.00891EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.81 views

CVE-2002-0391

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

10CVSS9.9AI score0.0457EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.79 views

CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

10CVSS7.6AI score0.623EPSS
CVE
CVE
added 2005/04/13 4:0 a.m.75 views

CVE-2004-0791

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and C...

5CVSS7.5AI score0.79728EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.74 views

CVE-2001-0236

Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.

10CVSS7.5AI score0.77743EPSS
CVE
CVE
added 2003/05/05 4:0 a.m.74 views

CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

10CVSS7.6AI score0.76919EPSS
CVE
CVE
added 2004/12/06 5:0 a.m.69 views

CVE-2004-0496

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.0006EPSS
CVE
CVE
added 2002/07/23 4:0 a.m.68 views

CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

7.5CVSS6.8AI score0.19026EPSS
CVE
CVE
added 2002/07/26 4:0 a.m.65 views

CVE-2002-0436

sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.

10CVSS7.6AI score0.03931EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.64 views

CVE-2006-5201

Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponen...

4CVSS7.4AI score0.03819EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.62 views

CVE-2001-1503

The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.

2.1CVSS6.5AI score0.00215EPSS
CVE
CVE
added 2004/08/18 4:0 a.m.62 views

CVE-2004-0523

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

10CVSS9.8AI score0.13596EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.61 views

CVE-2001-0353

Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.

10CVSS7AI score0.01477EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.61 views

CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

7.2CVSS6.2AI score0.0043EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.60 views

CVE-2001-0594

kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.

4.6CVSS7.1AI score0.00144EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.60 views

CVE-2001-1414

The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root.

7.5CVSS7.2AI score0.00717EPSS
CVE
CVE
added 2007/07/12 4:30 p.m.59 views

CVE-2007-3717

rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.

6.9CVSS9.1AI score0.00082EPSS
CVE
CVE
added 2003/12/15 5:0 a.m.58 views

CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

4.3CVSS6.2AI score0.19846EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.56 views

CVE-2001-0095

catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.

1.2CVSS6.3AI score0.00143EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.56 views

CVE-2001-0779

Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.

10CVSS7AI score0.8072EPSS
CVE
CVE
added 2011/01/19 5:0 p.m.56 views

CVE-2010-4435

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims ...

10CVSS6.4AI score0.3648EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.54 views

CVE-2003-1068

Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

7.2CVSS6.8AI score0.00144EPSS
CVE
CVE
added 2004/11/23 5:0 a.m.54 views

CVE-2004-0360

Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.3AI score0.00265EPSS
CVE
CVE
added 2006/01/10 7:0 p.m.54 views

CVE-2004-0780

Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.

7.2CVSS7.2AI score0.00084EPSS
CVE
CVE
added 2005/05/04 4:0 a.m.54 views

CVE-2004-1307

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflo...

7.5CVSS7.7AI score0.05111EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.54 views

CVE-2006-5215

The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.

2.6CVSS6.1AI score0.00079EPSS
CVE
CVE
added 2007/09/23 11:0 p.m.53 views

CVE-2001-1582

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

7.2CVSS7.7AI score0.00171EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS
CVE
CVE
added 2007/04/16 10:19 p.m.53 views

CVE-2007-2045

Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.

5CVSS6.6AI score0.01824EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.52 views

CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

7.2CVSS6.8AI score0.00344EPSS
CVE
CVE
added 2001/07/02 4:0 a.m.52 views

CVE-2001-0426

Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable.

7.2CVSS7.3AI score0.00126EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.52 views

CVE-2003-1073

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes pla...

1.2CVSS6.6AI score0.00165EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.52 views

CVE-2005-0426

Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.

5CVSS7AI score0.00739EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.51 views

CVE-2001-0699

Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument.

7.2CVSS7.8AI score0.00058EPSS
CVE
CVE
added 2007/02/13 1:28 a.m.51 views

CVE-2007-0895

Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir ...

2.6CVSS6.1AI score0.00074EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.50 views

CVE-2001-1328

Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.

7.5CVSS7.7AI score0.06209EPSS
Total number of security vulnerabilities212