VYPR

Solaris

by Sun Corporation

CVEs (498)

  • CVE-2004-1359Mar 4, 2004
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.

  • CVE-2004-1360Feb 27, 2004
    risk 0.00cvss epss 0.00

    Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.

  • CVE-2004-1180Feb 16, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

  • CVE-2003-0999Jan 5, 2004
    risk 0.00cvss epss 0.00

    Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.

  • CVE-2003-1066Dec 31, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.

  • CVE-2003-1082Dec 31, 2003
    risk 0.00cvss epss 0.00

    Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068.

  • CVE-2003-1076Dec 31, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.

  • CVE-2003-0914Dec 15, 2003
    risk 0.00cvss epss 0.03

    ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

  • CVE-2003-1056Dec 11, 2003
    risk 0.00cvss epss 0.00

    The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

  • CVE-2003-1057Dec 8, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.

  • CVE-2003-1058Dec 3, 2003
    risk 0.00cvss epss 0.00

    The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.

  • CVE-2003-1059Nov 20, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.

  • CVE-2003-1060Oct 27, 2003
    risk 0.00cvss epss 0.02

    The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

  • CVE-2003-1062Oct 15, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory.

  • CVE-2003-1061Oct 14, 2003
    risk 0.00cvss epss 0.00

    Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.

  • CVE-2003-1081Sep 9, 2003
    risk 0.00cvss epss 0.02

    Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.

  • CVE-2003-0669Aug 27, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.

  • CVE-2003-1063Aug 20, 2003
    risk 0.00cvss epss 0.02

    The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.

  • CVE-2003-1067Jun 19, 2003
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.

  • CVE-2003-1068Jun 6, 2003
    risk 0.00cvss epss 0.00

    Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

Page 20 of 25