VYPR

SunOS

by Sun Corporation

CVEs (563)

  • CVE-1999-0209 (Aug 14, 1990)
    risk 0.07 | cvss | epss 0.49

    The SunView (SunTools) selection_svc facility allows remote users to read files.

  • CVE-2012-0217 (Jun 12, 2012)
    risk 0.06 | cvss | epss 0.37

    The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta…

  • CVE-2010-2632 (Jan 19, 2011)
    risk 0.06 | cvss | epss 0.32

    Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this…

  • CVE-2003-0161 (Apr 2, 2003)
    risk 0.06 | cvss | epss 0.38

    The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control…

  • CVE-2001-0554 (Aug 14, 2001)
    risk 0.06 | cvss | epss 0.38

    Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

  • CVE-1999-0015 (Dec 16, 1997)
    risk 0.06 | cvss | epss 0.36

    Teardrop IP denial of service.

  • CVE-2005-4797 (Dec 31, 2005)
    risk 0.05 | cvss | epss 0.29

    Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.

  • CVE-2004-0791 (Apr 12, 2005)
    risk 0.05 | cvss | epss 0.20

    Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790,…

  • CVE-2003-0027 (Feb 7, 2003)
    risk 0.05 | cvss | epss 0.26

    Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

  • CVE-2002-1317 (Dec 11, 2002)
    risk 0.05 | cvss | epss 0.24

    Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

  • CVE-2002-0033 (May 29, 2002)
    risk 0.05 | cvss | epss 0.23

    Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.

  • CVE-1999-0003 (Apr 1, 1998)
    risk 0.05 | cvss | epss 0.24

    Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

  • CVE-2010-4435 (Jan 19, 2011)
    risk 0.04 | cvss | epss 0.14

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has…

  • CVE-2008-4619 (Oct 21, 2008)
    risk 0.04 | cvss | epss 0.12

    The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of…

  • CVE-2008-0964 (Aug 8, 2008)
    risk 0.04 | cvss | epss 0.14

    Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

  • CVE-2007-0165 (Jan 10, 2007)
    risk 0.04 | cvss | epss 0.09

    Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.

  • CVE-2005-3398 (Nov 1, 2005)
    risk 0.04 | cvss | epss 0.13

    The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

  • CVE-2002-0436 (Jul 26, 2002)
    risk 0.04 | cvss | epss 0.12

    sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.

  • CVE-2000-0844 (Nov 14, 2000)
    risk 0.04 | cvss | epss 0.15

    Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

  • CVE-1999-0977 (Dec 10, 1999)
    risk 0.04 | cvss | epss 0.13

    Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
