Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0973 | 0.03 | — | 0.03 | Dec 7, 1999 | Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | |||
| CVE-1999-0859 | 0.03 | — | 0.01 | Dec 1, 1999 | Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. | |||
| CVE-1999-0860 | 0.03 | — | 0.01 | Dec 1, 1999 | Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. | |||
| CVE-1999-0841 | 0.03 | — | 0.01 | Nov 30, 1999 | Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. | |||
| CVE-1999-0818 | 0.03 | — | 0.01 | Nov 20, 1999 | Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. | |||
| CVE-1999-0949 | 0.03 | — | 0.01 | Nov 2, 1999 | Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. | |||
| CVE-1999-0948 | 0.03 | — | 0.01 | Nov 2, 1999 | Buffer overflow in uum program for Canna input system allows local users to gain root privileges. | |||
| CVE-1999-0908 | 0.03 | — | 0.02 | Sep 23, 1999 | Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. | |||
| CVE-1999-0786 | 0.03 | — | 0.01 | Sep 22, 1999 | The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. | |||
| CVE-1999-0691 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||
| CVE-1999-1014 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||
| CVE-1999-0689 | 0.03 | — | 0.01 | Sep 13, 1999 | The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. | |||
| CVE-1999-0767 | 0.03 | — | 0.01 | Sep 8, 1999 | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | |||
| CVE-1999-0674 | 0.03 | — | 0.01 | Aug 9, 1999 | The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. | |||
| CVE-2000-0118 | 0.03 | — | 0.01 | Jun 9, 1999 | The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. | |||
| CVE-1999-0493 | 0.03 | — | 0.04 | Jun 7, 1999 | rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | |||
| CVE-1999-0773 | 0.03 | — | 0.01 | May 11, 1999 | Buffer overflow in Solaris lpset program allows local users to gain root access. | |||
| CVE-1999-0806 | 0.03 | — | 0.01 | May 10, 1999 | Buffer overflow in Solaris dtprintinfo program. | |||
| CVE-1999-0417 | 0.03 | — | 0.01 | Mar 9, 1999 | 64 bit Solaris 7 procfs allows local users to perform a denial of service. | |||
| CVE-1999-1371 | 0.03 | — | 0.01 | Mar 8, 1999 | Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. |
- CVE-1999-0973Dec 7, 1999risk 0.03cvss —epss 0.03
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
- CVE-1999-0859Dec 1, 1999risk 0.03cvss —epss 0.01
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
- CVE-1999-0860Dec 1, 1999risk 0.03cvss —epss 0.01
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
- CVE-1999-0841Nov 30, 1999risk 0.03cvss —epss 0.01
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.
- CVE-1999-0818Nov 20, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
- CVE-1999-0949Nov 2, 1999risk 0.03cvss —epss 0.01
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
- CVE-1999-0948Nov 2, 1999risk 0.03cvss —epss 0.01
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
- CVE-1999-0908Sep 23, 1999risk 0.03cvss —epss 0.02
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
- CVE-1999-0786Sep 22, 1999risk 0.03cvss —epss 0.01
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
- CVE-1999-0691Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
- CVE-1999-1014Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
- CVE-1999-0689Sep 13, 1999risk 0.03cvss —epss 0.01
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
- CVE-1999-0767Sep 8, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
- CVE-1999-0674Aug 9, 1999risk 0.03cvss —epss 0.01
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
- CVE-2000-0118Jun 9, 1999risk 0.03cvss —epss 0.01
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
- CVE-1999-0493Jun 7, 1999risk 0.03cvss —epss 0.04
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
- CVE-1999-0773May 11, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris lpset program allows local users to gain root access.
- CVE-1999-0806May 10, 1999risk 0.03cvss —epss 0.01
Buffer overflow in Solaris dtprintinfo program.
- CVE-1999-0417Mar 9, 1999risk 0.03cvss —epss 0.01
64 bit Solaris 7 procfs allows local users to perform a denial of service.
- CVE-1999-1371Mar 8, 1999risk 0.03cvss —epss 0.01
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
Page 5 of 29