Solaris
CVEs (498)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0471 | 0.03 | — | 0.01 | Jun 14, 2000 | Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. | |||
| CVE-2000-0407 | 0.03 | — | 0.01 | May 12, 2000 | Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. | |||
| CVE-2000-0317 | 0.03 | — | 0.01 | Apr 24, 2000 | Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. | |||
| CVE-2000-0316 | 0.03 | — | 0.01 | Apr 24, 2000 | Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. | |||
| CVE-2000-0337 | 0.03 | — | 0.01 | Apr 24, 2000 | Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. | |||
| CVE-1999-1587 | 0.03 | — | 0.01 | Dec 31, 1999 | /usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option. | |||
| CVE-2000-0032 | 0.03 | — | 0.03 | Dec 22, 1999 | Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. | |||
| CVE-1999-0973 | 0.03 | — | 0.03 | Dec 7, 1999 | Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | |||
| CVE-1999-0860 | 0.03 | — | 0.01 | Dec 1, 1999 | Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. | |||
| CVE-1999-0859 | 0.03 | — | 0.01 | Dec 1, 1999 | Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. | |||
| CVE-1999-0818 | 0.03 | — | 0.01 | Nov 20, 1999 | Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. | |||
| CVE-1999-0949 | 0.03 | — | 0.01 | Nov 2, 1999 | Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. | |||
| CVE-1999-0948 | 0.03 | — | 0.01 | Nov 2, 1999 | Buffer overflow in uum program for Canna input system allows local users to gain root privileges. | |||
| CVE-1999-0908 | 0.03 | — | 0.02 | Sep 23, 1999 | Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. | |||
| CVE-1999-0786 | 0.03 | — | 0.01 | Sep 22, 1999 | The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. | |||
| CVE-1999-1014 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||
| CVE-1999-0689 | 0.03 | — | 0.01 | Sep 13, 1999 | The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. | |||
| CVE-1999-0691 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||
| CVE-1999-0767 | 0.03 | — | 0.01 | Sep 8, 1999 | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | |||
| CVE-1999-0674 | 0.03 | — | 0.01 | Aug 9, 1999 | The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. |
- CVE-2000-0471Jun 14, 2000risk 0.03cvss —epss 0.01
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
- CVE-2000-0407May 12, 2000risk 0.03cvss —epss 0.01
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
- CVE-2000-0317Apr 24, 2000risk 0.03cvss —epss 0.01
Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.
- CVE-2000-0316Apr 24, 2000risk 0.03cvss —epss 0.01
Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.
- CVE-2000-0337Apr 24, 2000risk 0.03cvss —epss 0.01
Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter.
- CVE-1999-1587Dec 31, 1999risk 0.03cvss —epss 0.01
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.
- CVE-2000-0032Dec 22, 1999risk 0.03cvss —epss 0.03
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
- CVE-1999-0973Dec 7, 1999risk 0.03cvss —epss 0.03
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
- CVE-1999-0860Dec 1, 1999risk 0.03cvss —epss 0.01
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
- CVE-1999-0859Dec 1, 1999risk 0.03cvss —epss 0.01
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
- CVE-1999-0818Nov 20, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
- CVE-1999-0949Nov 2, 1999risk 0.03cvss —epss 0.01
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
- CVE-1999-0948Nov 2, 1999risk 0.03cvss —epss 0.01
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
- CVE-1999-0908Sep 23, 1999risk 0.03cvss —epss 0.02
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
- CVE-1999-0786Sep 22, 1999risk 0.03cvss —epss 0.01
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
- CVE-1999-1014Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
- CVE-1999-0689Sep 13, 1999risk 0.03cvss —epss 0.01
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
- CVE-1999-0691Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
- CVE-1999-0767Sep 8, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
- CVE-1999-0674Aug 9, 1999risk 0.03cvss —epss 0.01
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
Page 5 of 25