VYPR

Solaris

by Sun Corporation

CVEs (499)

  • CVE-2007-5132Sep 27, 2007
    risk 0.00cvss epss 0.00

    Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."

  • CVE-2007-5118Sep 27, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.

  • CVE-2007-4732Sep 6, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

  • CVE-2007-4495Aug 23, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124.

  • CVE-2007-4492Aug 23, 2007
    risk 0.00cvss epss 0.00

    Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123.

  • CVE-2007-4395Aug 17, 2007
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.

  • CVE-2007-4310Aug 13, 2007
    risk 0.00cvss epss 0.01

    The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.

  • CVE-2007-4126Aug 1, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 20070730 allows local users with PRIV_DTRACE_USER privileges to cause a denial of service (panic or hang) via unspecified use of certain DTrace programs.

  • CVE-2007-4070Jul 30, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.

  • CVE-2007-3717Jul 12, 2007
    risk 0.00cvss epss 0.00

    rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.

  • CVE-2007-3723Jul 12, 2007
    risk 0.00cvss epss 0.00

    The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption),…

  • CVE-2007-3471Jun 28, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.

  • CVE-2007-3469Jun 28, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local users to cause a denial of service (resource exhaustion and service hang) via unspecified vectors.

  • CVE-2007-3470Jun 28, 2007
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure Socket Layer (SSL) records.

  • CVE-2007-3458Jun 27, 2007
    risk 0.00cvss epss 0.00

    The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.

  • CVE-2007-3283Jun 19, 2007
    risk 0.00cvss epss 0.00

    GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.

  • CVE-2007-3248Jun 18, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but not configured for IPsec, allows remote attackers to cause a denial of service (system crash) via certain network traffic.

  • CVE-2007-3223Jun 14, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.

  • CVE-2007-3094Jun 6, 2007
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.

  • CVE-2007-3093Jun 6, 2007
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.

Page 14 of 25