Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0410 | 0.03 | — | 0.01 | Mar 5, 1999 | The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. | |||
| CVE-1999-0442 | 0.03 | — | 0.01 | Jan 7, 1999 | Solaris ff.core allows local users to modify files. | |||
| CVE-1999-1432 | 0.03 | — | 0.02 | Jul 16, 1998 | Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after… | |||
| CVE-1999-0125 | 0.03 | — | 0.01 | Jan 25, 1998 | Buffer overflow in SGI IRIX mailx program. | |||
| CVE-1999-0210 | 0.03 | — | 0.06 | Nov 26, 1997 | Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. | |||
| CVE-1999-0301 | 0.03 | — | 0.01 | Aug 1, 1997 | Buffer overflow in SunOS/Solaris ps command. | |||
| CVE-1999-1423 | 0.03 | — | 0.01 | Jun 26, 1997 | ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | |||
| CVE-1999-1191 | 0.03 | — | 0.02 | May 19, 1997 | Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | |||
| CVE-1999-1402 | 0.03 | — | 0.01 | May 17, 1997 | The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | |||
| CVE-1999-1158 | 0.03 | — | 0.01 | May 13, 1997 | Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. | |||
| CVE-1999-0040 | 0.03 | — | 0.01 | May 1, 1997 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | |||
| CVE-1999-0315 | 0.03 | — | 0.01 | Apr 1, 1997 | Buffer overflow in Solaris fdformat command gives root access to local users. | |||
| CVE-1999-0109 | 0.03 | — | 0.01 | Feb 10, 1997 | Buffer overflow in ffbconfig in Solaris 2.5.1. | |||
| CVE-1999-0369 | 0.03 | — | 0.01 | Feb 1, 1997 | The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. | |||
| CVE-1999-0051 | 0.03 | — | 0.01 | Jan 6, 1997 | Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. | |||
| CVE-1999-0032 | 0.03 | — | 0.01 | Oct 25, 1996 | Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. | |||
| CVE-1999-1413 | 0.03 | — | 0.01 | Aug 3, 1996 | Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. | |||
| CVE-1999-0023 | 0.03 | — | 0.01 | Jul 24, 1996 | Local user gains root privileges via buffer overflow in rdist, via lookup() function. | |||
| CVE-1999-1123 | 0.03 | — | 0.01 | May 20, 1991 | The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. | |||
| CVE-2003-0196 | 0.02 | — | 0.23 | May 5, 2003 | Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. |
- CVE-1999-0410Mar 5, 1999risk 0.03cvss —epss 0.01
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
- CVE-1999-0442Jan 7, 1999risk 0.03cvss —epss 0.01
Solaris ff.core allows local users to modify files.
- CVE-1999-1432Jul 16, 1998risk 0.03cvss —epss 0.02
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after…
- CVE-1999-0125Jan 25, 1998risk 0.03cvss —epss 0.01
Buffer overflow in SGI IRIX mailx program.
- CVE-1999-0210Nov 26, 1997risk 0.03cvss —epss 0.06
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
- CVE-1999-0301Aug 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in SunOS/Solaris ps command.
- CVE-1999-1423Jun 26, 1997risk 0.03cvss —epss 0.01
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
- CVE-1999-1191May 19, 1997risk 0.03cvss —epss 0.02
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
- CVE-1999-1402May 17, 1997risk 0.03cvss —epss 0.01
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
- CVE-1999-1158May 13, 1997risk 0.03cvss —epss 0.01
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.
- CVE-1999-0040May 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
- CVE-1999-0315Apr 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Solaris fdformat command gives root access to local users.
- CVE-1999-0109Feb 10, 1997risk 0.03cvss —epss 0.01
Buffer overflow in ffbconfig in Solaris 2.5.1.
- CVE-1999-0369Feb 1, 1997risk 0.03cvss —epss 0.01
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
- CVE-1999-0051Jan 6, 1997risk 0.03cvss —epss 0.01
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
- CVE-1999-0032Oct 25, 1996risk 0.03cvss —epss 0.01
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
- CVE-1999-1413Aug 3, 1996risk 0.03cvss —epss 0.01
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
- CVE-1999-0023Jul 24, 1996risk 0.03cvss —epss 0.01
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
- CVE-1999-1123May 20, 1991risk 0.03cvss —epss 0.01
The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
- CVE-2003-0196May 5, 2003risk 0.02cvss —epss 0.23
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
Page 6 of 29