Solaris
CVEs (499)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-3069 | | | 0.00 | — | 0.00 | | Jun 6, 2007 | xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence. |
| CVE-2007-2989 | | | 0.00 | — | 0.03 | | Jun 1, 2007 | The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue… |
| CVE-2007-2990 | | | 0.00 | — | 0.00 | | Jun 1, 2007 | Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. |
| CVE-2007-2882 | | | 0.00 | — | 0.03 | | May 30, 2007 | Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets. |
| CVE-2007-2529 | | | 0.00 | — | 0.00 | | May 9, 2007 | Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL. |
| CVE-2007-2465 | | | 0.00 | — | 0.00 | | May 2, 2007 | Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath… |
| CVE-2007-1681 | | | 0.00 | — | 0.05 | | Apr 19, 2007 | Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a… |
| CVE-2007-2045 | | | 0.00 | — | 0.02 | | Apr 16, 2007 | Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments. |
| CVE-2007-1794 | | | 0.00 | — | 0.04 | | Apr 2, 2007 | The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to… |
| CVE-2006-7140 | | | 0.00 | — | 0.01 | | Mar 7, 2007 | The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents… |
| CVE-2006-7028 | | | 0.00 | — | 0.02 | | Feb 23, 2007 | Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it… |
| CVE-2007-0914 | | | 0.00 | — | 0.02 | | Feb 14, 2007 | Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. |
| CVE-2007-0895 | | | 0.00 | — | 0.00 | | Feb 13, 2007 | Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which… |
| CVE-2007-0668 | | | 0.00 | — | 0.00 | | Feb 2, 2007 | The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service. |
| CVE-2007-0503 | | | 0.00 | — | 0.00 | | Jan 25, 2007 | Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors. |
| CVE-2007-0470 | | | 0.00 | — | 0.00 | | Jan 24, 2007 | Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. |
| CVE-2007-0393 | | | 0.00 | — | 0.00 | | Jan 19, 2007 | Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. |
| CVE-2006-6494 | | | 0.00 | — | 0.00 | | Dec 13, 2006 | Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers. |
| CVE-2006-6495 | | | 0.00 | — | 0.00 | | Dec 13, 2006 | Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege… |
| CVE-2006-6275 | | | 0.00 | — | 0.00 | | Dec 4, 2006 | Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals. |