Sunos Security Vulnerabilities and Issues — Sunos CVE List

Lucene search

SunSunos

11 matches found

CVE•added 2004/09/01 4:0 a.m.•84 views

CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

7.5CVSS8AI score0.42484EPSS

CVE•added 2004/09/01 4:0 a.m.•79 views

CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

10CVSS7.6AI score0.51022EPSS

CVE•added 2004/09/01 4:0 a.m.•62 views

CVE-2002-0158

Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.

7.2CVSS6.9AI score0.00178EPSS

CVE•added 2004/09/01 4:0 a.m.•54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS

CVE•added 2004/09/01 4:0 a.m.•53 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary...

7.5CVSS7.2AI score0.00871EPSS

CVE•added 2004/09/01 4:0 a.m.•50 views

CVE-2001-1328

Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.

7.5CVSS7.7AI score0.06209EPSS

CVE•added 2004/09/01 4:0 a.m.•46 views

CVE-2003-0027

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

5CVSS6.7AI score0.65152EPSS

CVE•added 2004/09/01 4:0 a.m.•44 views

CVE-2002-1199

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

5CVSS6.5AI score0.02144EPSS

CVE•added 2004/09/01 4:0 a.m.•43 views

CVE-2003-0058

MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

5CVSS8.7AI score0.19337EPSS

CVE•added 2004/09/01 4:0 a.m.•41 views

CVE-2001-0548

Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.

4.6CVSS6.8AI score0.00123EPSS

CVE•added 2004/09/01 4:0 a.m.•39 views

CVE-2002-1296

Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.

7.2CVSS7.1AI score0.00027EPSS