Filtered by vendor Sun
Subscriptions
Filtered by product Solaris
Subscriptions
Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-1352 | 1 Sun | 2 Solaris, Sunos | 2023-11-07 | N/A |
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. | ||||
CVE-2004-1351 | 1 Sun | 2 Solaris, Sunos | 2023-11-07 | N/A |
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. | ||||
CVE-2001-0779 | 1 Sun | 2 Solaris, Sunos | 2023-11-07 | N/A |
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. | ||||
CVE-1999-0875 | 2 Microsoft, Sun | 5 Windows 2000, Windows 95, Windows 98se and 2 more | 2023-11-07 | N/A |
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | ||||
CVE-1999-0818 | 1 Sun | 2 Solaris, Sunos | 2023-11-07 | N/A |
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. | ||||
CVE-1999-0676 | 1 Sun | 2 Solaris, Sunos | 2023-11-07 | N/A |
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. | ||||
CVE-2009-2187 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages. | ||||
CVE-2009-2596 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. | ||||
CVE-2009-2856 | 1 Sun | 2 Solaris, Virtual Desktop Infrastructure | 2022-10-03 | N/A |
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network. | ||||
CVE-2009-4314 | 1 Sun | 2 Ray Server Software, Solaris | 2022-10-03 | N/A |
Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device. | ||||
CVE-2009-4502 | 3 Freebsd, Sun, Zabbix | 3 Freebsd, Solaris, Zabbix | 2022-10-03 | N/A |
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses. | ||||
CVE-2009-4774 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225. | ||||
CVE-2009-4187 | 1 Sun | 2 Java System Portal Server, Solaris | 2022-10-03 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2009-3390 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library. | ||||
CVE-2009-3101 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches. | ||||
CVE-2009-3706 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call. | ||||
CVE-2009-3100 | 2 Sun, X.org | 3 Opensolaris, Solaris, X11 | 2022-10-03 | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches. | ||||
CVE-2009-3000 | 1 Sun | 2 Opensolaris, Solaris | 2022-10-03 | N/A |
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling." | ||||
CVE-2002-2089 | 1 Sun | 1 Solaris | 2022-10-03 | N/A |
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument. | ||||
CVE-2002-2197 | 1 Sun | 2 Solaris, Sunos | 2022-10-03 | N/A |
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. |