Solaris
CVEs (498)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0118 | 0.03 | — | 0.01 | Jun 9, 1999 | The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. | |||
| CVE-1999-0493 | 0.03 | — | 0.04 | Jun 7, 1999 | rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | |||
| CVE-1999-0773 | 0.03 | — | 0.01 | May 11, 1999 | Buffer overflow in Solaris lpset program allows local users to gain root access. | |||
| CVE-1999-0410 | 0.03 | — | 0.01 | Mar 5, 1999 | The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. | |||
| CVE-1999-0442 | 0.03 | — | 0.01 | Jan 7, 1999 | Solaris ff.core allows local users to modify files. | |||
| CVE-1999-0321 | 0.03 | — | 0.01 | Dec 1, 1998 | Buffer overflow in Solaris kcms_configure command allows local users to gain root access. | |||
| CVE-1999-1432 | 0.03 | — | 0.02 | Jul 16, 1998 | Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after… | |||
| CVE-1999-0125 | 0.03 | — | 0.01 | Jan 25, 1998 | Buffer overflow in SGI IRIX mailx program. | |||
| CVE-1999-0210 | 0.03 | — | 0.06 | Nov 26, 1997 | Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. | |||
| CVE-1999-0301 | 0.03 | — | 0.01 | Aug 1, 1997 | Buffer overflow in SunOS/Solaris ps command. | |||
| CVE-1999-1423 | 0.03 | — | 0.01 | Jun 26, 1997 | ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | |||
| CVE-1999-1191 | 0.03 | — | 0.02 | May 19, 1997 | Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | |||
| CVE-1999-1402 | 0.03 | — | 0.01 | May 17, 1997 | The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | |||
| CVE-1999-1158 | 0.03 | — | 0.01 | May 13, 1997 | Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. | |||
| CVE-1999-0040 | 0.03 | — | 0.01 | May 1, 1997 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | |||
| CVE-1999-0315 | 0.03 | — | 0.01 | Apr 1, 1997 | Buffer overflow in Solaris fdformat command gives root access to local users. | |||
| CVE-1999-0109 | 0.03 | — | 0.01 | Feb 10, 1997 | Buffer overflow in ffbconfig in Solaris 2.5.1. | |||
| CVE-1999-0369 | 0.03 | — | 0.01 | Feb 1, 1997 | The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. | |||
| CVE-1999-0051 | 0.03 | — | 0.01 | Jan 6, 1997 | Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. | |||
| CVE-1999-1026 | 0.03 | — | 0.01 | Dec 20, 1996 | aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. |
- CVE-2000-0118Jun 9, 1999risk 0.03cvss —epss 0.01
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
- CVE-1999-0493Jun 7, 1999risk 0.03cvss —epss 0.04
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
- CVE-1999-0773May 11, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris lpset program allows local users to gain root access.
- CVE-1999-0410Mar 5, 1999risk 0.03cvss —epss 0.01
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
- CVE-1999-0442Jan 7, 1999risk 0.03cvss —epss 0.01
Solaris ff.core allows local users to modify files.
- CVE-1999-0321Dec 1, 1998risk 0.03cvss —epss 0.01
Buffer overflow in Solaris kcms_configure command allows local users to gain root access.
- CVE-1999-1432Jul 16, 1998risk 0.03cvss —epss 0.02
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after…
- CVE-1999-0125Jan 25, 1998risk 0.03cvss —epss 0.01
Buffer overflow in SGI IRIX mailx program.
- CVE-1999-0210Nov 26, 1997risk 0.03cvss —epss 0.06
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
- CVE-1999-0301Aug 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in SunOS/Solaris ps command.
- CVE-1999-1423Jun 26, 1997risk 0.03cvss —epss 0.01
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
- CVE-1999-1191May 19, 1997risk 0.03cvss —epss 0.02
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
- CVE-1999-1402May 17, 1997risk 0.03cvss —epss 0.01
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
- CVE-1999-1158May 13, 1997risk 0.03cvss —epss 0.01
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.
- CVE-1999-0040May 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
- CVE-1999-0315Apr 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Solaris fdformat command gives root access to local users.
- CVE-1999-0109Feb 10, 1997risk 0.03cvss —epss 0.01
Buffer overflow in ffbconfig in Solaris 2.5.1.
- CVE-1999-0369Feb 1, 1997risk 0.03cvss —epss 0.01
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
- CVE-1999-0051Jan 6, 1997risk 0.03cvss —epss 0.01
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
- CVE-1999-1026Dec 20, 1996risk 0.03cvss —epss 0.01
aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.
Page 6 of 25