Solaris
CVEs (497)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0353 | 0.00 | — | 0.04 | Jul 21, 2001 | Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine. | |||
| CVE-2001-0470 | 0.00 | — | 0.00 | Jun 27, 2001 | Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name. | |||
| CVE-2001-0190 | 0.00 | — | 0.00 | Mar 26, 2001 | Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). | |||
| CVE-2001-0124 | 0.00 | — | 0.00 | Mar 12, 2001 | Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. | |||
| CVE-2000-0055 | 0.00 | — | 0.00 | Jan 6, 2000 | Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. | |||
| CVE-1999-1585 | 0.00 | — | 0.00 | Dec 31, 1999 | The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. | |||
| CVE-2000-0030 | 0.00 | — | 0.01 | Dec 22, 1999 | Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. | |||
| CVE-1999-0974 | 0.00 | — | 0.03 | Dec 9, 1999 | Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. | |||
| CVE-1999-0982 | 0.00 | — | 0.00 | Dec 5, 1999 | The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | |||
| CVE-1999-0837 | 0.00 | — | 0.03 | Nov 10, 1999 | Denial of service in BIND by improperly closing TCP sessions via so_linger. | |||
| CVE-1999-0833 | 0.00 | — | 0.02 | Nov 10, 1999 | Buffer overflow in BIND 8.2 via NXT records. | |||
| CVE-1999-0687 | 0.00 | — | 0.02 | Sep 13, 1999 | The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | |||
| CVE-1999-0676 | 0.00 | — | 0.00 | Aug 9, 1999 | sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. | |||
| CVE-1999-0223 | 0.00 | — | 0.00 | Mar 1, 1999 | Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | |||
| CVE-1999-0370 | 0.00 | — | 0.00 | Feb 10, 1999 | In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. | |||
| CVE-1999-0952 | 0.00 | — | 0.00 | Jan 28, 1999 | Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. | |||
| CVE-1999-0568 | 0.00 | — | 0.02 | Jan 1, 1999 | rpc.admind in Solaris is not running in a secure mode. | |||
| CVE-1999-0188 | 0.00 | — | 0.00 | Dec 17, 1998 | The passwd command in Solaris can be subjected to a denial of service. | |||
| CVE-1999-0139 | 0.00 | — | 0.00 | Dec 12, 1998 | Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. | |||
| CVE-1999-1025 | 0.00 | — | 0.00 | Nov 12, 1998 | CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. |
- CVE-2001-0353Jul 21, 2001risk 0.00cvss —epss 0.04
Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.
- CVE-2001-0470Jun 27, 2001risk 0.00cvss —epss 0.00
Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.
- CVE-2001-0190Mar 26, 2001risk 0.00cvss —epss 0.00
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
- CVE-2001-0124Mar 12, 2001risk 0.00cvss —epss 0.00
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
- CVE-2000-0055Jan 6, 2000risk 0.00cvss —epss 0.00
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
- CVE-1999-1585Dec 31, 1999risk 0.00cvss —epss 0.00
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.
- CVE-2000-0030Dec 22, 1999risk 0.00cvss —epss 0.01
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
- CVE-1999-0974Dec 9, 1999risk 0.00cvss —epss 0.03
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
- CVE-1999-0982Dec 5, 1999risk 0.00cvss —epss 0.00
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
- CVE-1999-0837Nov 10, 1999risk 0.00cvss —epss 0.03
Denial of service in BIND by improperly closing TCP sessions via so_linger.
- CVE-1999-0833Nov 10, 1999risk 0.00cvss —epss 0.02
Buffer overflow in BIND 8.2 via NXT records.
- CVE-1999-0687Sep 13, 1999risk 0.00cvss —epss 0.02
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
- CVE-1999-0676Aug 9, 1999risk 0.00cvss —epss 0.00
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
- CVE-1999-0223Mar 1, 1999risk 0.00cvss —epss 0.00
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
- CVE-1999-0370Feb 10, 1999risk 0.00cvss —epss 0.00
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
- CVE-1999-0952Jan 28, 1999risk 0.00cvss —epss 0.00
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
- CVE-1999-0568Jan 1, 1999risk 0.00cvss —epss 0.02
rpc.admind in Solaris is not running in a secure mode.
- CVE-1999-0188Dec 17, 1998risk 0.00cvss —epss 0.00
The passwd command in Solaris can be subjected to a denial of service.
- CVE-1999-0139Dec 12, 1998risk 0.00cvss —epss 0.00
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.
- CVE-1999-1025Nov 12, 1998risk 0.00cvss —epss 0.00
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
Page 23 of 25