Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-3920 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | |||||
CVE-2006-0901 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code. | |||||
CVE-2005-3099 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. | |||||
CVE-2006-0516 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors. | |||||
CVE-2005-2870 | 1 Sun | 1 Solaris | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses. | |||||
CVE-2005-4706 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function. | |||||
CVE-2006-1092 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed. | |||||
CVE-2005-4133 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | |||||
CVE-2006-4439 | 1 Sun | 1 Solaris | 2024-02-28 | 3.6 LOW | N/A |
pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871. | |||||
CVE-2006-3728 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and without patch 118833-11 (118855-08) allows remote authenticated users to cause a denial of service via unspecified vectors that lead to "kernel data structure corruption" that can trigger a system panic, application failure, or "data corruption." | |||||
CVE-2005-3238 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | |||||
CVE-2004-0791 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. | |||||
CVE-2006-0161 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780. | |||||
CVE-2005-4797 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command. | |||||
CVE-2004-2686 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. | |||||
CVE-2005-3071 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. | |||||
CVE-2006-0191 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in Sun Solaris 10 allows local users to cause a denial of service (null dereference) via unspecified vectors involving the use of the find command on the "/proc" filesystem. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2005-3250. | |||||
CVE-2006-1782 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5) ldapmodrdn, and (6) ldapsearch. | |||||
CVE-2006-0769 | 1 Sun | 1 Solaris | 2024-02-28 | 7.2 HIGH | N/A |
Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | |||||
CVE-2004-0790 | 2 Microsoft, Sun | 8 Windows 2000, Windows 2003 Server, Windows 98 and 5 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. |