Total
609 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0652 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
|
|||||
| CVE-1999-0008 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in NIS+, in Sun's rpc.nisd program.
|
|||||
| CVE-1999-0302 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
|
|||||
| CVE-1999-1423 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
|
|||||
| CVE-1999-1211 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges.
|
|||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
|
|||||
| CVE-2002-0436 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
|
|||||
| CVE-1999-0164 | 1 Sun | 1 Sunos | 2025-04-03 | 6.2 MEDIUM | N/A |
|
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
|
|||||
| CVE-2002-0678 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2025-04-03 | 7.2 HIGH | N/A |
|
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
|
|||||
| CVE-2003-0161 | 4 Compaq, Hp, Sendmail and 1 more | 9 Tru64, Hp-ux, Hp-ux Series 700 and 6 more | 2025-04-03 | 10.0 HIGH | N/A |
|
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
|
|||||
| CVE-2003-1069 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).
|
|||||
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.6 LOW | N/A |
|
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
|
|||||
| CVE-2006-4306 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.
|
|||||
| CVE-1999-0109 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in ffbconfig in Solaris 2.5.1.
|
|||||
| CVE-1999-1585 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.
|
|||||
| CVE-2003-1079 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.
|
|||||
| CVE-2003-1064 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet.
|
|||||
| CVE-1999-0334 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.
|
|||||
| CVE-2003-0028 | 10 Cray, Freebsd, Gnu and 7 more | 13 Unicos, Freebsd, Glibc and 10 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
|
|||||
| CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
|
|||||
| CVE-1999-0134 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
vold in Solaris 2.x allows local users to gain root access.
|
|||||
| CVE-2003-0092 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.
|
|||||
| CVE-1999-1371 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
|
|||||
| CVE-2004-1360 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.
|
|||||
| CVE-2006-4307 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319.
|
|||||
| CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
|
|||||
| CVE-1999-0132 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
|
|||||
| CVE-2005-3398 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.3 MEDIUM | N/A |
|
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
|
|||||
| CVE-2000-0118 | 2 Redhat, Sun | 3 Linux, Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
|
|||||
| CVE-2006-1780 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack vector that causes sh processes to crash during creation of temporary files.
|
|||||
| CVE-1999-0135 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
admintool in Solaris allows a local user to write to arbitrary files and gain root access.
|
|||||
| CVE-2003-1024 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.
|
|||||
| CVE-1999-0502 | 3 Hp, Redhat, Sun | 4 Hp-ux, Linux, Solaris and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
|
A Unix account has a default, null, blank, or missing password.
|
|||||
| CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
|
|||||
| CVE-2002-0884 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.
|
|||||
| CVE-1999-0841 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.
|
|||||
| CVE-1999-0190 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.
|
|||||
| CVE-1999-0263 | 1 Sun | 1 Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Solaris SUNWadmap can be exploited to obtain root access.
|
|||||
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Vacation program allows command execution by remote users through a sendmail command.
|
|||||
| CVE-2005-1518 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.
|
|||||