Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-0391 | Cri | 0.68 | 9.8 | 0.58 | Aug 12, 2002 | Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as… | ||
| CVE-1999-0069 | Hig | 0.58 | 8.4 | 0.01 | Apr 29, 1998 | Solaris ufsrestore buffer overflow. | ||
| CVE-1999-0038 | Hig | 0.58 | 8.4 | 0.01 | Apr 26, 1997 | Buffer overflow in xlock program allows local users to execute commands as root. | ||
| CVE-1999-0022 | Hig | 0.51 | 7.8 | 0.01 | Jul 3, 1996 | Local user gains root privileges via buffer overflow in rdist, via expstr() function. | ||
| CVE-1999-0517 | Med | 0.44 | 5.9 | 0.27 | Jan 1, 1997 | An SNMP community name is the default (e.g. public), null, or missing. | ||
| CVE-1999-0011 | Med | 0.36 | 5.4 | 0.05 | Apr 8, 1998 | Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | ||
| CVE-2007-0882 | 0.11 | — | 0.98 | Feb 12, 2007 | Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts,… | |||
| CVE-1999-0016 | 0.11 | — | 0.96 | Dec 1, 1997 | Land IP denial of service. | |||
| CVE-2003-0201 | 0.10 | — | 0.84 | May 5, 2003 | Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. | |||
| CVE-2001-1583 | 0.10 | — | 0.83 | Dec 31, 2001 | lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. | |||
| CVE-2001-0797 | 0.10 | — | 0.89 | Dec 12, 2001 | Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | |||
| CVE-2004-0790 | 0.09 | — | 0.81 | Apr 12, 2005 | Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on… | |||
| CVE-2002-1337 | 0.09 | — | 0.72 | Mar 7, 2003 | Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | |||
| CVE-2001-0236 | 0.09 | — | 0.72 | May 3, 2001 | Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event. | |||
| CVE-1999-0513 | 0.09 | — | 0.70 | Jan 5, 1998 | ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||
| CVE-1999-0128 | 0.09 | — | 0.74 | Dec 18, 1996 | Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. | |||
| CVE-2003-0694 | 0.08 | — | 0.60 | Oct 6, 2003 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||
| CVE-2001-0779 | 0.08 | — | 0.62 | Oct 18, 2001 | Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. | |||
| CVE-1999-0502 | 0.07 | — | 0.52 | Mar 1, 1998 | A Unix account has a default, null, blank, or missing password. | |||
| CVE-1999-0046 | 0.07 | — | 0.53 | Feb 6, 1997 | Buffer overflow of rlogin program using TERM environmental variable. |
- risk 0.68cvss 9.8epss 0.58
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as…
- risk 0.58cvss 8.4epss 0.01
Solaris ufsrestore buffer overflow.
- risk 0.58cvss 8.4epss 0.01
Buffer overflow in xlock program allows local users to execute commands as root.
- risk 0.51cvss 7.8epss 0.01
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
- risk 0.44cvss 5.9epss 0.27
An SNMP community name is the default (e.g. public), null, or missing.
- risk 0.36cvss 5.4epss 0.05
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
- CVE-2007-0882Feb 12, 2007risk 0.11cvss —epss 0.98
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts,…
- CVE-1999-0016Dec 1, 1997risk 0.11cvss —epss 0.96
Land IP denial of service.
- CVE-2003-0201May 5, 2003risk 0.10cvss —epss 0.84
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
- CVE-2001-1583Dec 31, 2001risk 0.10cvss —epss 0.83
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
- CVE-2001-0797Dec 12, 2001risk 0.10cvss —epss 0.89
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
- CVE-2004-0790Apr 12, 2005risk 0.09cvss —epss 0.81
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on…
- CVE-2002-1337Mar 7, 2003risk 0.09cvss —epss 0.72
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
- CVE-2001-0236May 3, 2001risk 0.09cvss —epss 0.72
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.
- CVE-1999-0513Jan 5, 1998risk 0.09cvss —epss 0.70
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
- CVE-1999-0128Dec 18, 1996risk 0.09cvss —epss 0.74
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
- CVE-2003-0694Oct 6, 2003risk 0.08cvss —epss 0.60
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
- CVE-2001-0779Oct 18, 2001risk 0.08cvss —epss 0.62
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
- CVE-1999-0502Mar 1, 1998risk 0.07cvss —epss 0.52
A Unix account has a default, null, blank, or missing password.
- CVE-1999-0046Feb 6, 1997risk 0.07cvss —epss 0.53
Buffer overflow of rlogin program using TERM environmental variable.
Page 1 of 29