VYPR

Solaris

by Sun Corporation

CVEs (499)

  • CVE-2008-2710Jun 16, 2008
    risk 0.00cvss epss 0.01

    Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL…

  • CVE-2008-2706Jun 16, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference.

  • CVE-2008-2707Jun 16, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors.

  • CVE-2008-2552Jun 5, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Service Tag Registry on Sun Solaris 10, and Sun Service Tag before 1.1.3, allows local users to cause a denial of service (disk consumption) via unspecified vectors.

  • CVE-2008-2538Jun 3, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.

  • CVE-2008-2418May 23, 2008
    risk 0.00cvss epss 0.00

    Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.

  • CVE-2008-2121May 9, 2008
    risk 0.00cvss epss 0.02

    The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack.

  • CVE-2008-2089May 6, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.

  • CVE-2008-2090May 6, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.

  • CVE-2008-1779Apr 14, 2008
    risk 0.00cvss epss 0.02

    Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.

  • CVE-2008-1778Apr 14, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.

  • CVE-2008-1780Apr 14, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors.

  • CVE-2008-1684Apr 6, 2008
    risk 0.00cvss epss 0.00

    inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.

  • CVE-2008-1369Mar 18, 2008
    risk 0.00cvss epss 0.03

    A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.

  • CVE-2008-1356Mar 17, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash.

  • CVE-2008-1317Mar 13, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues.

  • CVE-2008-1205Mar 8, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors.

  • CVE-2008-1115Mar 3, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands.

  • CVE-2008-1095Feb 29, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.

  • CVE-2008-0938Feb 25, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126.

Page 12 of 25