VYPR

Solaris

by Sun Corporation

CVEs (498)

  • CVE-2003-1069Jun 3, 2003
    risk 0.00cvss epss 0.02

    The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

  • CVE-2003-1072Apr 28, 2003
    risk 0.00cvss epss 0.00

    Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).

  • CVE-2003-1070Apr 28, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).

  • CVE-2003-0092Apr 2, 2003
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

  • CVE-2003-0091Apr 2, 2003
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

  • CVE-2003-1074Mar 28, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.

  • CVE-2003-1077Mar 5, 2003
    risk 0.00cvss epss 0.00

    Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang).

  • CVE-2003-0064Mar 3, 2003
    risk 0.00cvss epss 0.03

    The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker…

  • CVE-2003-1078Feb 28, 2003
    risk 0.00cvss epss 0.01

    The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.

  • CVE-2003-0058Feb 19, 2003
    risk 0.00cvss epss 0.05

    MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

  • CVE-2003-1079Feb 18, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.

  • CVE-2003-1075Jan 27, 2003
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.

  • CVE-2002-1763Dec 31, 2002
    risk 0.00cvss epss 0.00

    The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session.

  • CVE-2002-1871Dec 31, 2002
    risk 0.00cvss epss 0.00

    pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.

  • CVE-2002-2327Dec 31, 2002
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties.

  • CVE-2002-1980Dec 31, 2002
    risk 0.00cvss epss 0.00

    Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.

  • CVE-2002-2089Dec 31, 2002
    risk 0.00cvss epss 0.00

    Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.

  • CVE-2002-2203Dec 31, 2002
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.

  • CVE-2002-2197Dec 31, 2002
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.

  • CVE-2002-1584Dec 27, 2002
    risk 0.00cvss epss 0.06

    Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

Page 21 of 25