Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1055 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup. | |||||
CVE-1999-0186 | 1 Sun | 1 Solaris | 2024-02-28 | 10.0 HIGH | N/A |
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. | |||||
CVE-1999-1118 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. | |||||
CVE-1999-0493 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | |||||
CVE-1999-0859 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. | |||||
CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2024-02-28 | 2.1 LOW | N/A |
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | |||||
CVE-1999-0254 | 1 Sun | 1 Solaris | 2024-02-28 | 10.0 HIGH | N/A |
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. | |||||
CVE-2001-1503 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host. | |||||
CVE-2003-0027 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. | |||||
CVE-1999-0139 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. | |||||
CVE-2001-0190 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). | |||||
CVE-2001-0548 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable. | |||||
CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
DNS cache poisoning via BIND, by predictable query IDs. | |||||
CVE-1999-0185 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. | |||||
CVE-2002-0391 | 4 Freebsd, Microsoft, Openbsd and 1 more | 7 Freebsd, Windows 2000, Windows Nt and 4 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | |||||
CVE-2004-1355 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | |||||
CVE-2002-0085 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request. | |||||
CVE-2002-0796 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. | |||||
CVE-2001-1066 | 1 Sun | 1 Solaris | 2024-02-28 | 2.1 LOW | N/A |
ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. |