Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0209 | 0.07 | — | 0.49 | Aug 14, 1990 | The SunView (SunTools) selection_svc facility allows remote users to read files. | |||
| CVE-2012-0217 | 0.06 | — | 0.37 | Jun 12, 2012 | The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta… | |||
| CVE-2010-2632 | 0.06 | — | 0.32 | Jan 19, 2011 | Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this… | |||
| CVE-2003-0161 | 0.06 | — | 0.38 | Apr 2, 2003 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control… | |||
| CVE-2001-0554 | 0.06 | — | 0.38 | Aug 14, 2001 | Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | |||
| CVE-1999-0015 | 0.06 | — | 0.36 | Dec 16, 1997 | Teardrop IP denial of service. | |||
| CVE-2005-4797 | 0.05 | — | 0.29 | Dec 31, 2005 | Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command. | |||
| CVE-2004-0791 | 0.05 | — | 0.20 | Apr 12, 2005 | Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790,… | |||
| CVE-2003-0027 | 0.05 | — | 0.26 | Feb 7, 2003 | Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. | |||
| CVE-2002-1317 | 0.05 | — | 0.24 | Dec 11, 2002 | Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | |||
| CVE-2002-0033 | 0.05 | — | 0.23 | May 29, 2002 | Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. | |||
| CVE-1999-0003 | 0.05 | — | 0.24 | Apr 1, 1998 | Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). | |||
| CVE-2010-4435 | 0.04 | — | 0.14 | Jan 19, 2011 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has… | |||
| CVE-2008-4619 | 0.04 | — | 0.12 | Oct 21, 2008 | The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of… | |||
| CVE-2008-0964 | 0.04 | — | 0.14 | Aug 8, 2008 | Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | |||
| CVE-2007-0165 | 0.04 | — | 0.09 | Jan 10, 2007 | Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind. | |||
| CVE-2005-3398 | 0.04 | — | 0.13 | Nov 1, 2005 | The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. | |||
| CVE-2002-0436 | 0.04 | — | 0.12 | Jul 26, 2002 | sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. | |||
| CVE-2000-0844 | 0.04 | — | 0.15 | Nov 14, 2000 | Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||
| CVE-1999-0977 | 0.04 | — | 0.13 | Dec 10, 1999 | Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. |
- CVE-1999-0209Aug 14, 1990risk 0.07cvss —epss 0.49
The SunView (SunTools) selection_svc facility allows remote users to read files.
- CVE-2012-0217Jun 12, 2012risk 0.06cvss —epss 0.37
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta…
- CVE-2010-2632Jan 19, 2011risk 0.06cvss —epss 0.32
Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this…
- CVE-2003-0161Apr 2, 2003risk 0.06cvss —epss 0.38
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control…
- CVE-2001-0554Aug 14, 2001risk 0.06cvss —epss 0.38
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
- CVE-1999-0015Dec 16, 1997risk 0.06cvss —epss 0.36
Teardrop IP denial of service.
- CVE-2005-4797Dec 31, 2005risk 0.05cvss —epss 0.29
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
- CVE-2004-0791Apr 12, 2005risk 0.05cvss —epss 0.20
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790,…
- CVE-2003-0027Feb 7, 2003risk 0.05cvss —epss 0.26
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
- CVE-2002-1317Dec 11, 2002risk 0.05cvss —epss 0.24
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
- CVE-2002-0033May 29, 2002risk 0.05cvss —epss 0.23
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
- CVE-1999-0003Apr 1, 1998risk 0.05cvss —epss 0.24
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
- CVE-2010-4435Jan 19, 2011risk 0.04cvss —epss 0.14
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has…
- CVE-2008-4619Oct 21, 2008risk 0.04cvss —epss 0.12
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of…
- CVE-2008-0964Aug 8, 2008risk 0.04cvss —epss 0.14
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
- CVE-2007-0165Jan 10, 2007risk 0.04cvss —epss 0.09
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
- CVE-2005-3398Nov 1, 2005risk 0.04cvss —epss 0.13
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
- CVE-2002-0436Jul 26, 2002risk 0.04cvss —epss 0.12
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
- CVE-2000-0844Nov 14, 2000risk 0.04cvss —epss 0.15
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
- CVE-1999-0977Dec 10, 1999risk 0.04cvss —epss 0.13
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
Page 2 of 29