Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0689 | 2 Cde, Sun | 3 Cde, Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
|
|||||
| CVE-2006-4117 | 1 Sun | 1 Solaris | 2025-04-03 | 5.4 MEDIUM | N/A |
|
The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads"). NOTE: the original report specifies the function name as "drain_squeue," but this is likely incorrect.
|
|||||
| CVE-1999-0104 | 4 Caldera, Hp, Microsoft and 1 more | 5 Openlinux, Hp-ux, Windows 95 and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
|
|||||
| CVE-1999-0370 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
|
|||||
| CVE-1999-1023 | 1 Sun | 1 Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
|
|||||
| CVE-1999-1467 | 1 Sun | 1 Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.
|
|||||
| CVE-1999-0213 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.
|
|||||
| CVE-2001-1503 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.
|
|||||
| CVE-2004-1815 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
|
|||||
| CVE-1999-0298 | 2 Slackware, Sun | 2 Slackware Linux, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
|
|||||
| CVE-2005-1753 | 1 Sun | 1 Javamail | 2025-04-03 | 5.0 MEDIUM | N/A |
|
ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products.
|
|||||
| CVE-2006-3824 | 1 Sun | 1 Solaris | 2025-04-03 | 4.9 MEDIUM | N/A |
|
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.
|
|||||
| CVE-2003-0609 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
|
|||||
| CVE-2003-1229 | 2 Oracle, Sun | 3 Jre, Java Web Start, Jsse | 2025-04-03 | 7.5 HIGH | N/A |
|
X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in improper validation of digital certificate and allows remote attackers to (1) falsely authenticate peers for SSL or (2) incorrectly validate signed JAR files.
|
|||||
| CVE-2001-0401 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
|
|||||
| CVE-1999-0797 | 1 Sun | 1 Sunos | 2025-04-03 | 2.6 LOW | N/A |
|
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
|
|||||
| CVE-2005-1974 | 1 Sun | 1 J2se | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges.
|
|||||
| CVE-1999-1142 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
|
|||||
| CVE-1999-1258 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
|
|||||
| CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
|
|||||
| CVE-2005-0488 | 3 Microsoft, Mit, Sun | 3 Telnet Client, Kerberos 5, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
|
|||||
| CVE-1999-1026 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
|
aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.
|
|||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function.
|
|||||
| CVE-2001-1555 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY.
|
|||||
| CVE-2003-1066 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.
|
|||||
| CVE-1999-0369 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
|
|||||
| CVE-2003-1072 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).
|
|||||
| CVE-1999-1014 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
|
|||||
| CVE-1999-0982 | 1 Sun | 2 Solaris, Web-based Enterprise Management | 2025-04-03 | 7.2 HIGH | N/A |
|
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
|
|||||
| CVE-2006-4958 | 1 Sun | 1 Secure Global Desktop | 2025-04-03 | 6.8 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
|
|||||
| CVE-1999-0185 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
|
|||||
| CVE-2005-4804 | 1 Sun | 1 Java System Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.
|
|||||
| CVE-1999-1396 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash).
|
|||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
|
|||||
| CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.
|
|||||
| CVE-2005-2022 | 1 Sun | 2 Iplanet Messaging Server, One Messaging Server | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripting (XSS) vulnerability.
|
|||||
| CVE-1999-1449 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
|
|||||
| CVE-1999-0211 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.
|
|||||
| CVE-2000-0175 | 1 Sun | 1 Staroffice | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
|
|||||
| CVE-1999-1527 | 1 Sun | 2 Forte, Netbeans Developer | 2025-04-03 | 7.5 HIGH | N/A |
|
Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server.
|
|||||