Sunos Security Vulnerabilities and Issues — Sunos CVE List

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0...

5CVSS7.5AI score0.79728EPSS

CVE•added 2000/02/04 5:0 a.m.•76 views

CVE-1999-0015

Teardrop IP denial of service.

5CVSS6.8AI score0.25851EPSS

CVE•added 1999/09/29 4:0 a.m.•76 views

CVE-1999-0019

Delete or create a file via rpc.statd, due to invalid information.

5CVSS7.3AI score0.01078EPSS

CVE•added 1999/09/29 4:0 a.m.•75 views

CVE-1999-0010

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

5CVSS6.8AI score0.02EPSS

CVE•added 2005/04/13 4:0 a.m.•75 views

CVE-2004-0791

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and C...

5CVSS7.5AI score0.79728EPSS

CVE•added 1999/09/29 4:0 a.m.•72 views

CVE-1999-0128

Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

5CVSS9.2AI score0.15798EPSS

CVE•added 1999/09/29 4:0 a.m.•62 views

CVE-1999-0054

Sun's ftpd daemon can be subjected to a denial of service.

5CVSS7.3AI score0.00562EPSS

CVE•added 1999/09/29 4:0 a.m.•57 views

CVE-1999-0209

The SunView (SunTools) selection_svc facility allows remote users to read files.

5CVSS6.8AI score0.4417EPSS

CVE•added 2005/06/14 4:0 a.m.•57 views

CVE-2005-0488

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

5CVSS9.2AI score0.10248EPSS

CVE•added 2012/08/16 10:38 a.m.•56 views

CVE-2012-4298

Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.

5.4CVSS7.5AI score0.00919EPSS

CVE•added 2000/01/04 5:0 a.m.•55 views

CVE-1999-0848

Denial of service in BIND named via consuming more than "fdmax" file descriptors.

5CVSS6.6AI score0.10156EPSS

CVE•added 2012/08/16 10:38 a.m.•55 views

CVE-2012-4287

epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.

5CVSS6.3AI score0.02866EPSS

CVE•added 2007/04/16 10:19 p.m.•53 views

CVE-2007-2045

Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.

5CVSS6.6AI score0.01824EPSS

CVE•added 2005/05/02 4:0 a.m.•52 views

CVE-2005-0426

Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.

5CVSS7AI score0.00739EPSS

CVE•added 2000/02/04 5:0 a.m.•50 views

CVE-1999-0104

A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

5CVSS7.4AI score0.03605EPSS

CVE•added 2000/02/04 5:0 a.m.•50 views

CVE-1999-0345

Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

5CVSS7.3AI score0.00504EPSS

CVE•added 2011/07/21 12:55 a.m.•50 views

CVE-2011-2298

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.

5CVSS6.3AI score0.00455EPSS

CVE•added 2000/07/12 4:0 a.m.•48 views

CVE-2000-0030

Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.

5CVSS6.7AI score0.00441EPSS

CVE•added 2002/05/03 4:0 a.m.•48 views

CVE-2001-1244

Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network tra...

5CVSS7.1AI score0.08688EPSS

CVE•added 2002/12/23 5:0 a.m.•48 views

CVE-2002-1345

Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.

5CVSS6.5AI score0.02126EPSS

CVE•added 2005/01/19 5:0 a.m.•48 views

CVE-2004-1354

The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) at...

5CVSS6.6AI score0.03275EPSS

CVE•added 2002/03/15 5:0 a.m.•47 views

CVE-2002-0085

cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.

5CVSS6.4AI score0.01271EPSS

CVE•added 2007/03/07 8:19 p.m.•47 views

CVE-2006-7140

The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctl...

5.8CVSS7.2AI score0.07729EPSS

CVE•added 2000/03/22 5:0 a.m.•46 views

CVE-1999-0908

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

5CVSS6.8AI score0.03801EPSS

CVE•added 2004/09/01 4:0 a.m.•46 views

CVE-2003-0027

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

5CVSS6.7AI score0.65152EPSS

CVE•added 2006/05/05 11:0 p.m.•46 views

CVE-2005-4797

Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.

5CVSS6.6AI score0.73269EPSS

CVE•added 2002/10/28 5:0 a.m.•45 views

CVE-2002-1228

Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.

5CVSS6.2AI score0.00703EPSS

CVE•added 2005/02/08 5:0 a.m.•45 views

CVE-2003-1069

The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

5CVSS7.1AI score0.00763EPSS

CVE•added 2005/05/16 4:0 a.m.•45 views

CVE-2005-1591

Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.

5CVSS7AI score0.00655EPSS

CVE•added 2012/08/16 10:38 a.m.•45 views

CVE-2012-4294

Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.

5.8CVSS7.7AI score0.03416EPSS

CVE•added 2004/09/01 4:0 a.m.•44 views

CVE-2002-1199

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

5CVSS6.5AI score0.02144EPSS

CVE•added 2005/02/08 5:0 a.m.•44 views

CVE-2003-1060

The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

5CVSS7.1AI score0.00739EPSS

CVE•added 2005/11/23 2:3 a.m.•44 views

CVE-2005-3781

Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries."

5CVSS6.4AI score0.00705EPSS

CVE•added 2012/05/03 10:55 p.m.•44 views

CVE-2012-1683

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd.

5.9CVSS8AI score0.00045EPSS

CVE•added 2013/04/17 12:14 p.m.•44 views

CVE-2013-0408

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to CPU performance counters drivers.

5CVSS5.5AI score0.00363EPSS

CVE•added 1999/09/29 4:0 a.m.•43 views

CVE-1999-0273

Denial of service through Solaris 2.5.1 telnet by sending ^D characters.

5CVSS6.8AI score0.00504EPSS

CVE•added 2005/02/08 5:0 a.m.•43 views

CVE-2002-1585

Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic.

5CVSS7AI score0.00739EPSS

CVE•added 2004/09/01 4:0 a.m.•43 views

CVE-2003-0058

MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

5CVSS8.7AI score0.19337EPSS

CVE•added 2005/02/11 5:0 a.m.•43 views

CVE-2004-1180

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

5CVSS6.3AI score0.00763EPSS

CVE•added 2005/02/15 5:0 a.m.•43 views

CVE-2005-0447

Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.

5CVSS7AI score0.00911EPSS

CVE•added 2015/01/21 3:28 p.m.•43 views

CVE-2014-6575

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.

5CVSS8.3AI score0.11484EPSS

CVE•added 2015/01/21 6:59 p.m.•43 views

CVE-2015-0375

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.

5CVSS5.8AI score0.01165EPSS

CVE•added 2014/10/15 10:55 p.m.•42 views

CVE-2014-6490

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB server user component.

5CVSS6AI score0.00776EPSS

CVE•added 2005/02/08 5:0 a.m.•41 views

CVE-2003-1066

Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.

5CVSS8AI score0.02283EPSS

CVE•added 2014/10/15 3:55 p.m.•41 views

CVE-2014-4277

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4283.

5CVSS5.9AI score0.00428EPSS

CVE•added 2005/02/08 5:0 a.m.•40 views

CVE-2003-1070

Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).

5CVSS7AI score0.009EPSS

Total number of security vulnerabilities76