Solaris
CVEs (499)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-0938 | 0.00 | — | 0.00 | Feb 25, 2008 | Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126. | |||
| CVE-2008-0836 | 0.00 | — | 0.00 | Feb 20, 2008 | Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than… | |||
| CVE-2008-0730 | 0.00 | — | 0.00 | Feb 12, 2008 | The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read… | |||
| CVE-2008-0718 | 0.00 | — | 0.00 | Feb 12, 2008 | Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors. | |||
| CVE-2008-0269 | 0.00 | — | 0.00 | Jan 15, 2008 | Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors. | |||
| CVE-2008-0242 | 0.00 | — | 0.00 | Jan 12, 2008 | Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions. | |||
| CVE-2007-6505 | 0.00 | — | 0.01 | Dec 20, 2007 | Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct… | |||
| CVE-2007-6413 | 0.00 | — | 0.03 | Dec 17, 2007 | Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user. | |||
| CVE-2007-6225 | 0.00 | — | 0.00 | Dec 4, 2007 | Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors. | |||
| CVE-2007-6216 | 0.00 | — | 0.00 | Dec 4, 2007 | Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs. | |||
| CVE-2007-6180 | 0.00 | — | 0.01 | Nov 30, 2007 | Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. | |||
| CVE-2007-5921 | 0.00 | — | 0.00 | Nov 10, 2007 | Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346. | |||
| CVE-2007-5716 | 0.00 | — | 0.02 | Oct 30, 2007 | Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet. | |||
| CVE-2007-5726 | 0.00 | — | 0.02 | Oct 30, 2007 | Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing." | |||
| CVE-2007-5632 | 0.00 | — | 0.00 | Oct 23, 2007 | Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions. | |||
| CVE-2007-5462 | 0.00 | — | 0.02 | Oct 15, 2007 | Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial… | |||
| CVE-2007-5422 | 0.00 | — | 0.00 | Oct 12, 2007 | Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors. | |||
| CVE-2007-5367 | 0.00 | — | 0.00 | Oct 11, 2007 | Unspecified vulnerability in the Virtual File System (VFS) in Sun Solaris 10 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors. | |||
| CVE-2007-5368 | 0.00 | — | 0.00 | Oct 11, 2007 | Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service (multiple application hang) via unspecified vectors. | |||
| CVE-2007-5319 | 0.00 | — | 0.01 | Oct 9, 2007 | Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors. |
- CVE-2008-0938Feb 25, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126.
- CVE-2008-0836Feb 20, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than…
- CVE-2008-0730Feb 12, 2008risk 0.00cvss —epss 0.00
The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read…
- CVE-2008-0718Feb 12, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors.
- CVE-2008-0269Jan 15, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
- CVE-2008-0242Jan 12, 2008risk 0.00cvss —epss 0.00
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
- CVE-2007-6505Dec 20, 2007risk 0.00cvss —epss 0.01
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct…
- CVE-2007-6413Dec 17, 2007risk 0.00cvss —epss 0.03
Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user.
- CVE-2007-6225Dec 4, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors.
- CVE-2007-6216Dec 4, 2007risk 0.00cvss —epss 0.00
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs.
- CVE-2007-6180Nov 30, 2007risk 0.00cvss —epss 0.01
Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors.
- CVE-2007-5921Nov 10, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.
- CVE-2007-5716Oct 30, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet.
- CVE-2007-5726Oct 30, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing."
- CVE-2007-5632Oct 23, 2007risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions.
- CVE-2007-5462Oct 15, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial…
- CVE-2007-5422Oct 12, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors.
- CVE-2007-5367Oct 11, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Virtual File System (VFS) in Sun Solaris 10 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors.
- CVE-2007-5368Oct 11, 2007risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service (multiple application hang) via unspecified vectors.
- CVE-2007-5319Oct 9, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.
Page 13 of 25