Total
609 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0689 | 2 Cde, Sun | 3 Cde, Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. | |||||
CVE-1999-1432 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges. | |||||
CVE-1999-0952 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. | |||||
CVE-1999-0841 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. | |||||
CVE-1999-0908 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. | |||||
CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
CVE-2002-0084 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. | |||||
CVE-1999-0143 | 3 Mit, Process Software, Sun | 4 Kerberos, Kerberos 5, Multinet and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. | |||||
CVE-1999-1142 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user. | |||||
CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | |||||
CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2024-02-28 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||||
CVE-2001-0595 | 1 Sun | 1 Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. | |||||
CVE-2003-1069 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). | |||||
CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2024-02-28 | 4.3 MEDIUM | N/A |
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||||
CVE-1999-1122 | 1 Sun | 1 Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
CVE-1999-1023 | 1 Sun | 1 Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. | |||||
CVE-2001-0699 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. | |||||
CVE-2001-0236 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event. | |||||
CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | |||||
CVE-1999-1586 | 1 Sun | 1 Sunos | 2024-02-28 | 7.2 HIGH | N/A |
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. |