Solaris
CVEs (499)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-1207 | 0.00 | — | 0.00 | Apr 1, 2009 | Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. | |||
| CVE-2009-0926 | 0.00 | — | 0.00 | Mar 17, 2009 | Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage… | |||
| CVE-2009-0925 | 0.00 | — | 0.00 | Mar 17, 2009 | Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR… | |||
| CVE-2009-0924 | 0.00 | — | 0.00 | Mar 17, 2009 | Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines,… | |||
| CVE-2009-0923 | 0.00 | — | 0.02 | Mar 17, 2009 | Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key… | |||
| CVE-2009-0913 | 0.00 | — | 0.00 | Mar 16, 2009 | Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. | |||
| CVE-2009-0875 | 0.00 | — | 0.00 | Mar 12, 2009 | Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time… | |||
| CVE-2009-0874 | 0.00 | — | 0.00 | Mar 12, 2009 | Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors… | |||
| CVE-2009-0873 | 0.00 | — | 0.02 | Mar 11, 2009 | The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a… | |||
| CVE-2009-0872 | 0.00 | — | 0.02 | Mar 11, 2009 | The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as… | |||
| CVE-2009-0870 | 0.00 | — | 0.00 | Mar 10, 2009 | The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. | |||
| CVE-2009-0838 | 0.00 | — | 0.00 | Mar 6, 2009 | The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. | |||
| CVE-2009-0480 | 0.00 | — | 0.00 | Feb 9, 2009 | The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of… | |||
| CVE-2008-6024 | 0.00 | — | 0.02 | Feb 2, 2009 | Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. | |||
| CVE-2009-0346 | 0.00 | — | 0.00 | Jan 29, 2009 | The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | |||
| CVE-2009-0319 | 0.00 | — | 0.00 | Jan 28, 2009 | Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." | |||
| CVE-2009-0268 | 0.00 | — | 0.00 | Jan 26, 2009 | Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. | |||
| CVE-2009-0267 | 0.00 | — | 0.03 | Jan 26, 2009 | libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. | |||
| CVE-2009-0168 | 0.00 | — | 0.00 | Jan 16, 2009 | Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. | |||
| CVE-2009-0167 | 0.00 | — | 0.00 | Jan 16, 2009 | Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." |
- CVE-2009-1207Apr 1, 2009risk 0.00cvss —epss 0.00
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.
- CVE-2009-0926Mar 17, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage…
- CVE-2009-0925Mar 17, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR…
- CVE-2009-0924Mar 17, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines,…
- CVE-2009-0923Mar 17, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key…
- CVE-2009-0913Mar 16, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options.
- CVE-2009-0875Mar 12, 2009risk 0.00cvss —epss 0.00
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time…
- CVE-2009-0874Mar 12, 2009risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors…
- CVE-2009-0873Mar 11, 2009risk 0.00cvss —epss 0.02
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a…
- CVE-2009-0872Mar 11, 2009risk 0.00cvss —epss 0.02
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as…
- CVE-2009-0870Mar 10, 2009risk 0.00cvss —epss 0.00
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function.
- CVE-2009-0838Mar 6, 2009risk 0.00cvss —epss 0.00
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
- CVE-2009-0480Feb 9, 2009risk 0.00cvss —epss 0.00
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of…
- CVE-2008-6024Feb 2, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors.
- CVE-2009-0346Jan 29, 2009risk 0.00cvss —epss 0.00
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.
- CVE-2009-0319Jan 28, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."
- CVE-2009-0268Jan 26, 2009risk 0.00cvss —epss 0.00
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.
- CVE-2009-0267Jan 26, 2009risk 0.00cvss —epss 0.03
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.
- CVE-2009-0168Jan 16, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.
- CVE-2009-0167Jan 16, 2009risk 0.00cvss —epss 0.00
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."
Page 10 of 25