VYPR

Sunos

by Sun Corporation

CVEs (563)

  • CVE-1999-0848 | Nov 10, 1999
    risk 0.04 | cvss | epss 0.06

    Denial of service in BIND named via consuming more than "fdmax" file descriptors.

  • CVE-1999-0875 | Aug 11, 1999
    risk 0.04 | cvss | epss 0.18

    DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.

  • CVE-1999-0696 | Jul 1, 1999
    risk 0.04 | cvss | epss 0.12

    Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

  • CVE-1999-0009 | Apr 8, 1998
    risk 0.04 | cvss | epss 0.29

    Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

  • CVE-1999-0018 | Dec 5, 1997
    risk 0.04 | cvss | epss 0.10

    Buffer overflow in statd allows root privileges.

  • CVE-2008-1480 | Mar 24, 2008
    risk 0.03 | cvss | epss 0.06

    rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.

  • CVE-2007-5225 | Oct 5, 2007
    risk 0.03 | cvss | epss 0.01

    Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.

  • CVE-2005-2072 | Jun 29, 2005
    risk 0.03 | cvss | epss 0.01

    The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.

  • CVE-2004-2686 | Dec 31, 2004
    risk 0.03 | cvss | epss 0.01

    Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient…

  • CVE-2004-0360 | Nov 23, 2004
    risk 0.03 | cvss | epss 0.01

    Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.

  • CVE-2003-1073 | Dec 31, 2003
    risk 0.03 | cvss | epss 0.01

    A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the…

  • CVE-2003-0609 | Aug 27, 2003
    risk 0.03 | cvss | epss 0.04

    Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

  • CVE-2003-1055 | Jul 3, 2003
    risk 0.03 | cvss | epss 0.01

    Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup.

  • CVE-2003-1071 | Jan 3, 2003
    risk 0.03 | cvss | epss 0.01

    rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

  • CVE-2002-0572 | Jul 3, 2002
    risk 0.03 | cvss | epss 0.02

    FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid…

  • CVE-2002-0158 | Apr 2, 2002
    risk 0.03 | cvss | epss 0.01

    Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.

  • CVE-2001-1582 | Dec 31, 2001
    risk 0.03 | cvss | epss 0.01

    Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

  • CVE-2001-0652 | Oct 30, 2001
    risk 0.03 | cvss | epss 0.01

    Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.

  • CVE-2001-0548 | Aug 14, 2001
    risk 0.03 | cvss | epss 0.01

    Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.

  • CVE-2001-0565 | Aug 14, 2001
    risk 0.03 | cvss | epss 0.01

    Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
