VYPR

Solaris

by Sun Corporation

CVEs (497)

  • CVE-2001-0353Jul 21, 2001
    risk 0.00cvss epss 0.04

    Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.

  • CVE-2001-0470Jun 27, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.

  • CVE-2001-0190Mar 26, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).

  • CVE-2001-0124Mar 12, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.

  • CVE-2000-0055Jan 6, 2000
    risk 0.00cvss epss 0.00

    Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

  • CVE-1999-1585Dec 31, 1999
    risk 0.00cvss epss 0.00

    The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.

  • CVE-2000-0030Dec 22, 1999
    risk 0.00cvss epss 0.01

    Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.

  • CVE-1999-0974Dec 9, 1999
    risk 0.00cvss epss 0.03

    Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

  • CVE-1999-0982Dec 5, 1999
    risk 0.00cvss epss 0.00

    The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.

  • CVE-1999-0837Nov 10, 1999
    risk 0.00cvss epss 0.03

    Denial of service in BIND by improperly closing TCP sessions via so_linger.

  • CVE-1999-0833Nov 10, 1999
    risk 0.00cvss epss 0.02

    Buffer overflow in BIND 8.2 via NXT records.

  • CVE-1999-0687Sep 13, 1999
    risk 0.00cvss epss 0.02

    The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

  • CVE-1999-0676Aug 9, 1999
    risk 0.00cvss epss 0.00

    sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.

  • CVE-1999-0223Mar 1, 1999
    risk 0.00cvss epss 0.00

    Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.

  • CVE-1999-0370Feb 10, 1999
    risk 0.00cvss epss 0.00

    In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

  • CVE-1999-0952Jan 28, 1999
    risk 0.00cvss epss 0.00

    Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.

  • CVE-1999-0568Jan 1, 1999
    risk 0.00cvss epss 0.02

    rpc.admind in Solaris is not running in a secure mode.

  • CVE-1999-0188Dec 17, 1998
    risk 0.00cvss epss 0.00

    The passwd command in Solaris can be subjected to a denial of service.

  • CVE-1999-0139Dec 12, 1998
    risk 0.00cvss epss 0.00

    Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.

  • CVE-1999-1025Nov 12, 1998
    risk 0.00cvss epss 0.00

    CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.