VYPR

Solaris

by Sun Corporation

CVEs (498)

  • CVE-2000-0118Jun 9, 1999
    risk 0.03cvss epss 0.01

    The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

  • CVE-1999-0493Jun 7, 1999
    risk 0.03cvss epss 0.04

    rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.

  • CVE-1999-0773May 11, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in Solaris lpset program allows local users to gain root access.

  • CVE-1999-0410Mar 5, 1999
    risk 0.03cvss epss 0.01

    The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.

  • CVE-1999-0442Jan 7, 1999
    risk 0.03cvss epss 0.01

    Solaris ff.core allows local users to modify files.

  • CVE-1999-0321Dec 1, 1998
    risk 0.03cvss epss 0.01

    Buffer overflow in Solaris kcms_configure command allows local users to gain root access.

  • CVE-1999-1432Jul 16, 1998
    risk 0.03cvss epss 0.02

    Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after…

  • CVE-1999-0125Jan 25, 1998
    risk 0.03cvss epss 0.01

    Buffer overflow in SGI IRIX mailx program.

  • CVE-1999-0210Nov 26, 1997
    risk 0.03cvss epss 0.06

    Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

  • CVE-1999-0301Aug 1, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in SunOS/Solaris ps command.

  • CVE-1999-1423Jun 26, 1997
    risk 0.03cvss epss 0.01

    ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

  • CVE-1999-1191May 19, 1997
    risk 0.03cvss epss 0.02

    Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

  • CVE-1999-1402May 17, 1997
    risk 0.03cvss epss 0.01

    The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

  • CVE-1999-1158May 13, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.

  • CVE-1999-0040May 1, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

  • CVE-1999-0315Apr 1, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in Solaris fdformat command gives root access to local users.

  • CVE-1999-0109Feb 10, 1997
    risk 0.03cvss epss 0.01

    Buffer overflow in ffbconfig in Solaris 2.5.1.

  • CVE-1999-0369Feb 1, 1997
    risk 0.03cvss epss 0.01

    The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

  • CVE-1999-0051Jan 6, 1997
    risk 0.03cvss epss 0.01

    Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

  • CVE-1999-1026Dec 20, 1996
    risk 0.03cvss epss 0.01

    aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.

Page 6 of 25