Sun Corporation

All CVEs

2,062 total · sorted by risk
  • CVE-2002-0360 · Jun 25, 2002
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program.

  • CVE-2002-0347 · Jun 25, 2002
    risk 0.00 · cvss · epss 0.06

    Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.

  • CVE-2002-0089 · Mar 15, 2002
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.

  • CVE-2002-0090 · Mar 15, 2002
    risk 0.00 · cvss · epss 0.01

    Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.

  • CVE-2002-0085 · Mar 15, 2002
    risk 0.00 · cvss · epss 0.02

    cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.

  • CVE-2002-0088 · Mar 15, 2002
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.

  • CVE-2001-1503 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.01

    The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.

  • CVE-2001-1479 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.00

    smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT.

  • CVE-2001-1480 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.02

    Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.

  • CVE-2001-1555 · Dec 31, 2001
    risk 0.00 · cvss · epss 0.00

    pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY.

  • CVE-2001-0922 · Nov 26, 2001
    risk 0.00 · cvss · epss 0.02

    ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in.

  • CVE-2001-0717 · Oct 30, 2001
    risk 0.00 · cvss · epss 0.06

    Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.

  • CVE-2001-1414 · Oct 9, 2001
    risk 0.00 · cvss · epss 0.02

    The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root.

  • CVE-2001-0686 · Sep 20, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable.

  • CVE-2001-0699 · Sep 20, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument.

  • CVE-2001-1008 · Aug 31, 2001
    risk 0.00 · cvss · epss 0.02

    Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.

  • CVE-2001-1066 · Aug 31, 2001
    risk 0.00 · cvss · epss 0.00

    ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0632 · Aug 22, 2001
    risk 0.00 · cvss · epss 0.02

    Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.

  • CVE-2001-0634 · Aug 22, 2001
    risk 0.00 · cvss · epss 0.00

    Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service.

  • CVE-2001-0606 · Aug 22, 2001
    risk 0.00 · cvss · epss 0.02

    Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.

  • CVE-2001-0633 · Aug 22, 2001
    risk 0.00 · cvss · epss 0.02

    Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.

  • CVE-2001-0353 · Jul 21, 2001
    risk 0.00 · cvss · epss 0.04

    Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.

  • CVE-2001-1308 · Jul 16, 2001
    risk 0.00 · cvss · epss 0.05

    Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2001-1306 · Jul 16, 2001
    risk 0.00 · cvss · epss 0.04

    iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2001-1307 · Jul 16, 2001
    risk 0.00 · cvss · epss 0.05

    Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2001-1244 · Jul 7, 2001
    risk 0.00 · cvss · epss 0.35

    Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that…

  • CVE-2001-0470 · Jun 27, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.

  • CVE-2001-0404 · Jun 18, 2001
    risk 0.00 · cvss · epss 0.02

    Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.

  • CVE-2001-0229 · May 3, 2001
    risk 0.00 · cvss · epss 0.00

    Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.

  • CVE-2001-0269 · May 3, 2001
    risk 0.00 · cvss · epss 0.03

    pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.

  • CVE-2001-0190 · Mar 26, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).

  • CVE-2001-0124 · Mar 12, 2001
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.

  • CVE-2001-0078 · Feb 12, 2001
    risk 0.00 · cvss · epss 0.00

    in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.

  • CVE-2001-0077 · Feb 12, 2001
    risk 0.00 · cvss · epss 0.01

    The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations.

  • CVE-2000-1156 · Jan 9, 2001
    risk 0.00 · cvss · epss 0.00

    StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.

  • CVE-2000-1099 · Jan 9, 2001
    risk 0.00 · cvss · epss 0.02

    Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.

  • CVE-2000-1076 · Dec 11, 2000
    risk 0.00 · cvss · epss 0.02

    Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.

  • CVE-2000-0812 · Nov 14, 2000
    risk 0.00 · cvss · epss 0.06

    The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.

  • CVE-2000-0629 · Jul 12, 2000
    risk 0.00 · cvss · epss 0.04

    The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.

  • CVE-2000-0431 · May 22, 2000
    risk 0.00 · cvss · epss 0.01

    Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.

  • CVE-2000-0320 · Apr 21, 2000
    risk 0.00 · cvss · epss 0.01

    Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n.

  • CVE-2000-0291 · Apr 16, 2000
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.

  • CVE-2000-0175 · Mar 9, 2000
    risk 0.00 · cvss · epss 0.02

    Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.

  • CVE-2000-0164 · Feb 20, 2000
    risk 0.00 · cvss · epss 0.01

    The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords.

  • CVE-2000-0117 · Jan 30, 2000
    risk 0.00 · cvss · epss 0.00

    The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root).

  • CVE-2000-0055 · Jan 6, 2000
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

  • CVE-2000-0069 · Jan 1, 2000
    risk 0.00 · cvss · epss 0.00

    The recover program in Solstice Backup allows local users to restore sensitive files.

  • CVE-1999-1586 · Dec 31, 1999
    risk 0.00 · cvss · epss 0.00

    loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.

  • CVE-1999-1585 · Dec 31, 1999
    risk 0.00 · cvss · epss 0.00

    The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.

  • CVE-1999-1592 · Dec 31, 1999
    risk 0.00 · cvss · epss 0.01

    Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
