Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1348 | 0.00 | — | 0.02 | Sep 6, 2004 | Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). | |||
| CVE-2004-0800 | 0.00 | — | 0.00 | Aug 24, 2004 | Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. | |||
| CVE-2004-0654 | 0.00 | — | 0.00 | Aug 6, 2004 | Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). | |||
| CVE-2004-1354 | 0.00 | — | 0.04 | May 14, 2004 | The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a… | |||
| CVE-2004-1355 | 0.00 | — | 0.00 | Apr 26, 2004 | Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | |||
| CVE-2004-1356 | 0.00 | — | 0.00 | Apr 23, 2004 | Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | |||
| CVE-2004-1359 | 0.00 | — | 0.00 | Mar 4, 2004 | Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. | |||
| CVE-2004-1180 | 0.00 | — | 0.02 | Feb 16, 2004 | Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). | |||
| CVE-2003-1024 | 0.00 | — | 0.00 | Jan 20, 2004 | Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges. | |||
| CVE-2003-0999 | 0.00 | — | 0.00 | Jan 5, 2004 | Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files. | |||
| CVE-2003-1066 | 0.00 | — | 0.03 | Dec 31, 2003 | Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. | |||
| CVE-2003-1082 | 0.00 | — | 0.00 | Dec 31, 2003 | Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068. | |||
| CVE-2003-1076 | 0.00 | — | 0.00 | Dec 31, 2003 | Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. | |||
| CVE-2003-0914 | 0.00 | — | 0.03 | Dec 15, 2003 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||
| CVE-2003-1056 | 0.00 | — | 0.00 | Dec 11, 2003 | The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2003-1057 | 0.00 | — | 0.00 | Dec 8, 2003 | Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. | |||
| CVE-2003-1058 | 0.00 | — | 0.00 | Dec 3, 2003 | The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files. | |||
| CVE-2003-1059 | 0.00 | — | 0.00 | Nov 20, 2003 | Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access. | |||
| CVE-2003-1060 | 0.00 | — | 0.02 | Oct 27, 2003 | The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. | |||
| CVE-2003-1061 | 0.00 | — | 0.00 | Oct 14, 2003 | Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines. |
- CVE-2004-1348Sep 6, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
- CVE-2004-0800Aug 24, 2004risk 0.00cvss —epss 0.00
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
- CVE-2004-0654Aug 6, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
- CVE-2004-1354May 14, 2004risk 0.00cvss —epss 0.04
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a…
- CVE-2004-1355Apr 26, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
- CVE-2004-1356Apr 23, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
- CVE-2004-1359Mar 4, 2004risk 0.00cvss —epss 0.00
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
- CVE-2004-1180Feb 16, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
- CVE-2003-1024Jan 20, 2004risk 0.00cvss —epss 0.00
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.
- CVE-2003-0999Jan 5, 2004risk 0.00cvss —epss 0.00
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
- CVE-2003-1066Dec 31, 2003risk 0.00cvss —epss 0.03
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.
- CVE-2003-1082Dec 31, 2003risk 0.00cvss —epss 0.00
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068.
- CVE-2003-1076Dec 31, 2003risk 0.00cvss —epss 0.00
Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.
- CVE-2003-0914Dec 15, 2003risk 0.00cvss —epss 0.03
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
- CVE-2003-1056Dec 11, 2003risk 0.00cvss —epss 0.00
The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2003-1057Dec 8, 2003risk 0.00cvss —epss 0.00
Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.
- CVE-2003-1058Dec 3, 2003risk 0.00cvss —epss 0.00
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
- CVE-2003-1059Nov 20, 2003risk 0.00cvss —epss 0.00
Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
- CVE-2003-1060Oct 27, 2003risk 0.00cvss —epss 0.02
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.
- CVE-2003-1061Oct 14, 2003risk 0.00cvss —epss 0.00
Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.
Page 21 of 29