Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-3099 | 0.00 | — | 0.00 | Sep 28, 2005 | Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. | |||
| CVE-2005-3071 | 0.00 | — | 0.00 | Sep 27, 2005 | Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. | |||
| CVE-2005-2032 | 0.00 | — | 0.00 | Jun 16, 2005 | Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. | |||
| CVE-2005-1591 | 0.00 | — | 0.01 | May 16, 2005 | Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors. | |||
| CVE-2005-1518 | 0.00 | — | 0.00 | May 11, 2005 | Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. | |||
| CVE-2005-0816 | 0.00 | — | 0.00 | May 2, 2005 | Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | |||
| CVE-2005-0248 | 0.00 | — | 0.01 | May 2, 2005 | The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. | |||
| CVE-2005-0426 | 0.00 | — | 0.02 | May 2, 2005 | Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference. | |||
| CVE-2005-1124 | 0.00 | — | 0.00 | May 2, 2005 | Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. | |||
| CVE-2004-0481 | 0.00 | — | 0.00 | Feb 23, 2005 | The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. | |||
| CVE-2005-0447 | 0.00 | — | 0.02 | Feb 15, 2005 | Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. | |||
| CVE-2004-0780 | 0.00 | — | 0.01 | Dec 31, 2004 | Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument. | |||
| CVE-2004-1393 | 0.00 | — | 0.03 | Dec 31, 2004 | Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | |||
| CVE-2004-1394 | 0.00 | — | 0.00 | Dec 31, 2004 | The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges. | |||
| CVE-2004-2306 | 0.00 | — | 0.00 | Dec 31, 2004 | Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | |||
| CVE-2004-1767 | 0.00 | — | 0.00 | Dec 31, 2004 | The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. | |||
| CVE-2004-1351 | 0.00 | — | 0.06 | Dec 7, 2004 | Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. | |||
| CVE-2004-0496 | 0.00 | — | 0.00 | Dec 6, 2004 | Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | |||
| CVE-2004-1352 | 0.00 | — | 0.01 | Dec 1, 2004 | Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. | |||
| CVE-2004-1353 | 0.00 | — | 0.00 | Oct 19, 2004 | Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges. |
- CVE-2005-3099Sep 28, 2005risk 0.00cvss —epss 0.00
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.
- CVE-2005-3071Sep 27, 2005risk 0.00cvss —epss 0.00
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.
- CVE-2005-2032Jun 16, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.
- CVE-2005-1591May 16, 2005risk 0.00cvss —epss 0.01
Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.
- CVE-2005-1518May 11, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.
- CVE-2005-0816May 2, 2005risk 0.00cvss —epss 0.00
Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges.
- CVE-2005-0248May 2, 2005risk 0.00cvss —epss 0.01
The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.
- CVE-2005-0426May 2, 2005risk 0.00cvss —epss 0.02
Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.
- CVE-2005-1124May 2, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.
- CVE-2004-0481Feb 23, 2005risk 0.00cvss —epss 0.00
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.
- CVE-2005-0447Feb 15, 2005risk 0.00cvss —epss 0.02
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
- CVE-2004-0780Dec 31, 2004risk 0.00cvss —epss 0.01
Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
- CVE-2004-1393Dec 31, 2004risk 0.00cvss —epss 0.03
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang).
- CVE-2004-1394Dec 31, 2004risk 0.00cvss —epss 0.00
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
- CVE-2004-2306Dec 31, 2004risk 0.00cvss —epss 0.00
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.
- CVE-2004-1767Dec 31, 2004risk 0.00cvss —epss 0.00
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.
- CVE-2004-1351Dec 7, 2004risk 0.00cvss —epss 0.06
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.
- CVE-2004-0496Dec 6, 2004risk 0.00cvss —epss 0.00
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
- CVE-2004-1352Dec 1, 2004risk 0.00cvss —epss 0.01
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.
- CVE-2004-1353Oct 19, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges.
Page 20 of 29