| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. |
| Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument. |
| DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. |
| The WorkMan program can be used to overwrite any file to get root access. |
| cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request. |
| The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host. |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. |
| The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root. |
| Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable. |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| Denial of service through Solaris 2.5.1 telnet by sending ^D characters. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code. |
| Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. |
| Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. |
| Denial of service in BIND named via malformed SIG records. |
| Solaris SUNWadmap can be exploited to obtain root access. |
