VYPR

Solaris

by Sun Corporation

CVEs (498)

  • CVE-1999-1413Aug 3, 1996
    risk 0.03cvss epss 0.01

    Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.

  • CVE-2003-0196May 5, 2003
    risk 0.02cvss epss 0.23

    Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

  • CVE-2002-0679Sep 5, 2002
    risk 0.02cvss epss 0.23

    Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.

  • CVE-2002-0084Mar 15, 2002
    risk 0.02cvss epss 0.21

    Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.

  • CVE-2008-3870May 26, 2009
    risk 0.01cvss epss 0.08

    Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.

  • CVE-2008-3869May 26, 2009
    risk 0.01cvss epss 0.08

    Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.

  • CVE-2008-2144May 12, 2008
    risk 0.01cvss epss 0.17

    Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.

  • CVE-2005-0488Jun 14, 2005
    risk 0.01cvss epss 0.17

    Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

  • CVE-2004-1307Dec 21, 2004
    risk 0.01cvss epss 0.06

    Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a…

  • CVE-2004-0523Aug 18, 2004
    risk 0.01cvss epss 0.12

    Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

  • CVE-2004-1082Feb 3, 2004
    risk 0.01cvss epss 0.08

    mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.

  • CVE-2003-0028Mar 25, 2003
    risk 0.01cvss epss 0.15

    Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in…

  • CVE-2002-0677Jul 23, 2002
    risk 0.01cvss epss 0.07

    CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

  • CVE-2002-0678Jul 23, 2002
    risk 0.01cvss epss 0.09

    CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

  • CVE-2002-0573Jul 3, 2002
    risk 0.01cvss epss 0.09

    Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.

  • CVE-2001-1328Jun 22, 2001
    risk 0.01cvss epss 0.17

    Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.

  • CVE-1999-0057Nov 16, 1998
    risk 0.01cvss epss 0.08

    Vacation program allows command execution by remote users through a sendmail command.

  • CVE-1999-0185Oct 1, 1997
    risk 0.01cvss epss 0.07

    In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

  • CVE-2009-4774Apr 21, 2010
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different…

  • CVE-2010-0310Jan 14, 2010
    risk 0.00cvss epss 0.00

    Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates.

Page 7 of 25