Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Solaris
Total 545 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2706 1 Sun 1 Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference.
CVE-2008-2674 4 Fujitsu, Microsoft, Redhat and 1 more 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more 2024-11-21 6.4 MEDIUM N/A
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors.
CVE-2008-2538 1 Sun 1 Solaris 2024-11-21 6.9 MEDIUM N/A
Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.
CVE-2008-2418 1 Sun 1 Solaris 2024-11-21 4.7 MEDIUM N/A
Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2008-2112 3 Novell, Redhat, Sun 4 Suse Linux Enterprise Server, Enterprise Linux, Ray Server Software and 1 more 2024-11-21 8.5 HIGH N/A
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig.
CVE-2008-2090 1 Sun 1 Solaris 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.
CVE-2008-2089 1 Sun 1 Solaris 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.
CVE-2008-1780 1 Sun 1 Solaris 2024-11-21 4.6 MEDIUM N/A
Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors.
CVE-2008-1779 1 Sun 1 Solaris 2024-11-21 6.8 MEDIUM N/A
Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.
CVE-2008-1684 1 Sun 1 Solaris 2024-11-21 4.7 MEDIUM N/A
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.
CVE-2008-1480 1 Sun 2 Solaris, Sunos 2024-11-21 4.3 MEDIUM N/A
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
CVE-2008-1356 1 Sun 1 Solaris 2024-11-21 6.3 MEDIUM N/A
Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash.
CVE-2008-1317 1 Sun 1 Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues.
CVE-2008-1286 2 Linux, Sun 3 Linux Kernel, Java Web Console, Solaris 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors.
CVE-2008-1205 1 Sun 1 Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors.
CVE-2008-1115 1 Sun 1 Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands.
CVE-2008-1095 1 Sun 2 Solaris, Sunos 2024-11-21 6.8 MEDIUM N/A
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
CVE-2008-0965 1 Sun 3 Opensolaris, Solaris, Sunos 2024-11-21 9.3 HIGH N/A
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
CVE-2008-0964 1 Sun 3 Opensolaris, Solaris, Sunos 2024-11-21 9.3 HIGH N/A
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
CVE-2008-0960 6 Cisco, Ecos Sourceware, Ingate and 3 more 25 Ace 10 6504 Bundle With 4 Gbps Throughput, Ace 10 6509 Bundle With 8 Gbps Throughput, Ace 10 Service Module and 22 more 2024-11-21 10.0 HIGH N/A
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.