Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0786 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.6 MEDIUM | N/A |
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. | |||||
CVE-2004-1356 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | |||||
CVE-2000-0316 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. | |||||
CVE-2003-1063 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. | |||||
CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
CVE-1999-0129 | 7 Bsdi, Eric Allman, Freebsd and 4 more | 9 Bsd Os, Sendmail, Freebsd and 6 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||||
CVE-2003-0196 | 5 Compaq, Hp, Samba and 2 more | 7 Tru64, Cifs-9000 Server, Hp-ux and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | |||||
CVE-2003-1075 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. | |||||
CVE-2002-1589 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). | |||||
CVE-1999-0767 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | |||||
CVE-2002-1587 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 2.1 LOW | N/A |
The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | |||||
CVE-1999-0241 | 3 Sgi, Sun, Xfree86 Project | 4 Irix, Solaris, Sunos and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. | |||||
CVE-2003-1078 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. | |||||
CVE-1999-0875 | 2 Microsoft, Sun | 5 Windows 2000, Windows 95, Windows 98se and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | |||||
CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2024-02-28 | 7.5 HIGH | N/A |
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||||
CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). | |||||
CVE-2000-0407 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. | |||||
CVE-2003-1057 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.2 HIGH | N/A |
Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. | |||||
CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | |||||
CVE-2001-1414 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 7.5 HIGH | N/A |
The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root. |