Solaris
CVEs (498)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-1069 | | | 0.00 | — | 0.02 | | Jun 3, 2003 | The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). |
| CVE-2003-1072 | | | 0.00 | — | 0.00 | | Apr 28, 2003 | Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). |
| CVE-2003-1070 | | | 0.00 | — | 0.02 | | Apr 28, 2003 | Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). |
| CVE-2003-0092 | | | 0.00 | — | 0.00 | | Apr 2, 2003 | Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. |
| CVE-2003-0091 | | | 0.00 | — | 0.00 | | Apr 2, 2003 | Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege. |
| CVE-2003-1074 | | | 0.00 | — | 0.00 | | Mar 28, 2003 | Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. |
| CVE-2003-1077 | | | 0.00 | — | 0.00 | | Mar 5, 2003 | Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). |
| CVE-2003-0064 | | | 0.00 | — | 0.03 | | Mar 3, 2003 | The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker… |
| CVE-2003-1078 | | | 0.00 | — | 0.01 | | Feb 28, 2003 | The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. |
| CVE-2003-0058 | | | 0.00 | — | 0.05 | | Feb 19, 2003 | MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. |
| CVE-2003-1079 | | | 0.00 | — | 0.02 | | Feb 18, 2003 | Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. |
| CVE-2003-1075 | | | 0.00 | — | 0.02 | | Jan 27, 2003 | Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. |
| CVE-2002-1763 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. |
| CVE-2002-1871 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. |
| CVE-2002-2327 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. |
| CVE-2002-1980 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. |
| CVE-2002-2089 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument. |
| CVE-2002-2203 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. |
| CVE-2002-2197 | | | 0.00 | — | 0.00 | | Dec 31, 2002 | Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. |
| CVE-2002-1584 | | | 0.00 | — | 0.06 | | Dec 27, 2002 | Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. |
Page 21 of 25