Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0857 | 1 Sun | 2 Management Center, Solaris | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. | |||||
CVE-2009-0601 | 6 Apple, Freebsd, Linux and 3 more | 6 Mac Os X, Freebsd, Linux Kernel and 3 more | 2024-11-21 | 2.1 LOW | N/A |
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. | |||||
CVE-2009-0480 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. | |||||
CVE-2009-0346 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | |||||
CVE-2009-0319 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." | |||||
CVE-2009-0304 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 7.8 HIGH | N/A |
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. | |||||
CVE-2009-0268 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. | |||||
CVE-2009-0267 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 5.0 MEDIUM | N/A |
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. | |||||
CVE-2009-0168 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. | |||||
CVE-2009-0167 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." | |||||
CVE-2009-0132 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument). | |||||
CVE-2009-0069 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. | |||||
CVE-2008-6024 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 5.4 MEDIUM | N/A |
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. | |||||
CVE-2008-5746 | 1 Sun | 2 Snmp Management Agent, Solaris | 2024-11-21 | 6.9 MEDIUM | N/A |
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files. | |||||
CVE-2008-5699 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 4.6 MEDIUM | N/A |
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors. | |||||
CVE-2008-5690 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 2.1 LOW | N/A |
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. | |||||
CVE-2008-5689 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 7.2 HIGH | N/A |
tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference. | |||||
CVE-2008-5684 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session). | |||||
CVE-2008-5661 | 1 Sun | 2 Opensolaris, Solaris | 2024-11-21 | 5.4 MEDIUM | N/A |
The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | |||||
CVE-2008-5550 | 1 Sun | 3 Java Web Console, Solaris, Sunos | 2024-11-21 | 4.3 MEDIUM | N/A |
Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter. |