Filtered by vendor Sun
Subscribe
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1763 | 1 Sun | 1 Sunos | 2024-11-20 | 4.6 MEDIUM | N/A |
The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. | |||||
CVE-2002-1590 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 7.2 HIGH | N/A |
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service. | |||||
CVE-2002-1589 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 2.1 LOW | N/A |
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). | |||||
CVE-2002-1588 | 1 Sun | 1 Openwindows | 2024-11-20 | 5.0 MEDIUM | N/A |
Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service (mailtool segmentation violation and crash) via a malformed mail attachment. | |||||
CVE-2002-1587 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 2.1 LOW | N/A |
The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | |||||
CVE-2002-1586 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 2.1 LOW | N/A |
Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. | |||||
CVE-2002-1585 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic. | |||||
CVE-2002-1584 | 2 Sgi, Sun | 3 Irix, Solaris, Sunos | 2024-11-20 | 10.0 HIGH | N/A |
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. | |||||
CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2024-11-20 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. | |||||
CVE-2002-1361 | 1 Sun | 1 Cobalt Raq 4 | 2024-11-20 | 10.0 HIGH | N/A |
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter. | |||||
CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2024-11-20 | 5.0 MEDIUM | N/A |
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | |||||
CVE-2002-1344 | 2 Gnu, Sun | 2 Wget, Cobalt Raq Xtr | 2024-11-20 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. | |||||
CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2024-11-20 | 10.0 HIGH | N/A |
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | |||||
CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more | 2024-11-20 | 4.6 MEDIUM | N/A |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | |||||
CVE-2002-1317 | 4 Hp, Sgi, Sun and 1 more | 5 Hp-ux, Irix, Solaris and 2 more | 2024-11-20 | 7.5 HIGH | N/A |
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | |||||
CVE-2002-1296 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 7.2 HIGH | N/A |
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | |||||
CVE-2002-1228 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 5.0 MEDIUM | N/A |
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | |||||
CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2024-11-20 | 5.0 MEDIUM | N/A |
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | |||||
CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2024-11-20 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | |||||
CVE-2002-1034 | 1 Sun | 1 I-runbook | 2024-11-20 | 10.0 HIGH | N/A |
none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument. |