Sunos
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-0679 | 0.02 | — | 0.23 | Sep 5, 2002 | Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | |||
| CVE-2002-0084 | 0.02 | — | 0.21 | Mar 15, 2002 | Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. | |||
| CVE-2008-2144 | 0.01 | — | 0.17 | May 12, 2008 | Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors. | |||
| CVE-2005-0488 | 0.01 | — | 0.17 | Jun 14, 2005 | Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | |||
| CVE-2004-1307 | 0.01 | — | 0.06 | Dec 21, 2004 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a… | |||
| CVE-2004-0523 | 0.01 | — | 0.12 | Aug 18, 2004 | Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | |||
| CVE-2004-1082 | 0.01 | — | 0.08 | Feb 3, 2004 | mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||
| CVE-2003-0028 | 0.01 | — | 0.15 | Mar 25, 2003 | Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in… | |||
| CVE-2002-0678 | 0.01 | — | 0.09 | Jul 23, 2002 | CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. | |||
| CVE-2002-0677 | 0.01 | — | 0.07 | Jul 23, 2002 | CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||
| CVE-2002-0573 | 0.01 | — | 0.09 | Jul 3, 2002 | Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | |||
| CVE-2001-1328 | 0.01 | — | 0.17 | Jun 22, 2001 | Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code. | |||
| CVE-1999-0057 | 0.01 | — | 0.08 | Nov 16, 1998 | Vacation program allows command execution by remote users through a sendmail command. | |||
| CVE-1999-0104 | 0.01 | — | 0.09 | Dec 16, 1997 | A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. | |||
| CVE-1999-0185 | 0.01 | — | 0.07 | Oct 1, 1997 | In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. | |||
| CVE-1999-1467 | 0.01 | — | 0.10 | Oct 26, 1989 | Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. | |||
| CVE-2015-0430 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility. | |||
| CVE-2015-0429 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility. | |||
| CVE-2015-0428 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control. | |||
| CVE-2015-0397 | 0.00 | — | 0.00 | Jan 21, 2015 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600. |
- CVE-2002-0679Sep 5, 2002risk 0.02cvss —epss 0.23
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
- CVE-2002-0084Mar 15, 2002risk 0.02cvss —epss 0.21
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
- CVE-2008-2144May 12, 2008risk 0.01cvss —epss 0.17
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
- CVE-2005-0488Jun 14, 2005risk 0.01cvss —epss 0.17
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
- CVE-2004-1307Dec 21, 2004risk 0.01cvss —epss 0.06
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a…
- CVE-2004-0523Aug 18, 2004risk 0.01cvss —epss 0.12
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
- CVE-2004-1082Feb 3, 2004risk 0.01cvss —epss 0.08
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
- CVE-2003-0028Mar 25, 2003risk 0.01cvss —epss 0.15
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in…
- CVE-2002-0678Jul 23, 2002risk 0.01cvss —epss 0.09
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
- CVE-2002-0677Jul 23, 2002risk 0.01cvss —epss 0.07
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
- CVE-2002-0573Jul 3, 2002risk 0.01cvss —epss 0.09
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
- CVE-2001-1328Jun 22, 2001risk 0.01cvss —epss 0.17
Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.
- CVE-1999-0057Nov 16, 1998risk 0.01cvss —epss 0.08
Vacation program allows command execution by remote users through a sendmail command.
- CVE-1999-0104Dec 16, 1997risk 0.01cvss —epss 0.09
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
- CVE-1999-0185Oct 1, 1997risk 0.01cvss —epss 0.07
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
- CVE-1999-1467Oct 26, 1989risk 0.01cvss —epss 0.10
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.
- CVE-2015-0430Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
- CVE-2015-0429Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
- CVE-2015-0428Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
- CVE-2015-0397Jan 21, 2015risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.
Page 7 of 29