VYPR

Sunos

by Sun Corporation

CVEs (563)

  • CVE-2003-1081 | Sep 9, 2003
    risk 0.00 | cvss | epss 0.02

    Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.

  • CVE-2003-0669 | Aug 27, 2003
    risk 0.00 | cvss | epss 0.00

    Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.

  • CVE-2003-1063 | Aug 20, 2003
    risk 0.00 | cvss | epss 0.02

    The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.

  • CVE-2003-1065 | Jul 23, 2003
    risk 0.00 | cvss | epss 0.00

    Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).

  • CVE-2003-1067 | Jun 19, 2003
    risk 0.00 | cvss | epss 0.00

    Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.

  • CVE-2003-1068 | Jun 6, 2003
    risk 0.00 | cvss | epss 0.00

    Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

  • CVE-2003-1069 | Jun 3, 2003
    risk 0.00 | cvss | epss 0.02

    The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

  • CVE-2003-1070 | Apr 28, 2003
    risk 0.00 | cvss | epss 0.02

    Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).

  • CVE-2003-1072 | Apr 28, 2003
    risk 0.00 | cvss | epss 0.00

    Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).

  • CVE-2003-0092 | Apr 2, 2003
    risk 0.00 | cvss | epss 0.00

    Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

  • CVE-2003-0091 | Apr 2, 2003
    risk 0.00 | cvss | epss 0.00

    Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

  • CVE-2003-0064 | Mar 3, 2003
    risk 0.00 | cvss | epss 0.03

    The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker…

  • CVE-2003-1078 | Feb 28, 2003
    risk 0.00 | cvss | epss 0.01

    The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.

  • CVE-2003-0058 | Feb 19, 2003
    risk 0.00 | cvss | epss 0.05

    MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

  • CVE-2003-1079 | Feb 18, 2003
    risk 0.00 | cvss | epss 0.02

    Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.

  • CVE-2003-1075 | Jan 27, 2003
    risk 0.00 | cvss | epss 0.02

    Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.

  • CVE-2002-1980 | Dec 31, 2002
    risk 0.00 | cvss | epss 0.00

    Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.

  • CVE-2002-2327 | Dec 31, 2002
    risk 0.00 | cvss | epss 0.00

    Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties.

  • CVE-2002-2197 | Dec 31, 2002
    risk 0.00 | cvss | epss 0.00

    Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.

  • CVE-2002-2203 | Dec 31, 2002
    risk 0.00 | cvss | epss 0.00

    Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.
