Vendor CVEs
Sun Corporation
All CVEs
2,062 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-1999-1102 | 0.00 | — | 0.00 | Dec 31, 1999 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. |
| CVE-1999-1586 | 0.00 | — | 0.00 | Dec 31, 1999 | loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. |
| CVE-2000-0030 | 0.00 | — | 0.01 | Dec 22, 1999 | Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. |
| CVE-1999-0974 | 0.00 | — | 0.03 | Dec 9, 1999 | Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. |
| CVE-1999-0982 | 0.00 | — | 0.00 | Dec 5, 1999 | The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. |
| CVE-1999-0840 | 0.00 | — | 0.00 | Nov 30, 1999 | Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| CVE-1999-1527 | 0.00 | — | 0.02 | Nov 23, 1999 | Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server. |
| CVE-1999-0831 | 0.00 | — | 0.01 | Nov 19, 1999 | Denial of service in Linux syslogd via a large number of connections. |
| CVE-1999-0837 | 0.00 | — | 0.03 | Nov 10, 1999 | Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| CVE-1999-0851 | 0.00 | — | 0.00 | Nov 10, 1999 | Denial of service in BIND named via naptr. |
| CVE-1999-0833 | 0.00 | — | 0.02 | Nov 10, 1999 | Buffer overflow in BIND 8.2 via NXT records. |
| CVE-1999-0835 | 0.00 | — | 0.01 | Nov 10, 1999 | Denial of service in BIND named via malformed SIG records. |
| CVE-1999-1530 | 0.00 | — | 0.00 | Nov 8, 1999 | cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. |
| CVE-1999-0687 | 0.00 | — | 0.02 | Sep 13, 1999 | The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| CVE-1999-0676 | 0.00 | — | 0.00 | Aug 9, 1999 | sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. |
| CVE-1999-0722 | 0.00 | — | 0.02 | Aug 8, 1999 | The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| CVE-1999-1023 | 0.00 | — | 0.00 | Jun 10, 1999 | useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. |
| CVE-1999-0440 | 0.00 | — | 0.04 | Mar 1, 1999 | The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| CVE-1999-0223 | 0.00 | — | 0.00 | Mar 1, 1999 | Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. |
| CVE-1999-0408 | 0.00 | — | 0.02 | Feb 25, 1999 | Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
| CVE-1999-0370 | 0.00 | — | 0.00 | Feb 10, 1999 | In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. |
| CVE-1999-0952 | 0.00 | — | 0.00 | Jan 28, 1999 | Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. |
| CVE-1999-0568 | 0.00 | — | 0.02 | Jan 1, 1999 | rpc.admind in Solaris is not running in a secure mode. |
| CVE-1999-0188 | 0.00 | — | 0.00 | Dec 17, 1998 | The passwd command in Solaris can be subjected to a denial of service. |
| CVE-1999-0139 | 0.00 | — | 0.00 | Dec 12, 1998 | Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| CVE-1999-1025 | 0.00 | — | 0.00 | Nov 12, 1998 | CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. |
| CVE-1999-0254 | 0.00 | — | 0.04 | Nov 2, 1998 | A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| CVE-1999-0186 | 0.00 | — | 0.04 | Oct 1, 1998 | In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| CVE-1999-0056 | 0.00 | — | 0.00 | Sep 9, 1998 | Buffer overflow in Sun's ping program can give root access to local users. |
| CVE-1999-0302 | 0.00 | — | 0.02 | Sep 1, 1998 | SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. |
| CVE-1999-0065 | 0.00 | — | 0.03 | Aug 31, 1998 | Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| CVE-1999-0339 | 0.00 | — | 0.00 | Aug 1, 1998 | Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| CVE-1999-0263 | 0.00 | — | 0.00 | Jul 16, 1998 | Solaris SUNWadmap can be exploited to obtain root access. |
| CVE-1999-1297 | 0.00 | — | 0.00 | Jul 15, 1998 | cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key. |
| CVE-1999-0213 | 0.00 | — | 0.02 | Jul 15, 1998 | libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| CVE-1999-0797 | 0.00 | — | 0.01 | Jun 29, 1998 | NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. |
| CVE-1999-0054 | 0.00 | — | 0.01 | Jun 10, 1998 | Sun's ftpd daemon can be subjected to a denial of service. |
| CVE-1999-0008 | 0.00 | — | 0.04 | Jun 8, 1998 | Buffer overflow in NIS+, in Sun's rpc.nisd program. |
| CVE-1999-0303 | 0.00 | — | 0.00 | May 21, 1998 | Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| CVE-1999-0055 | 0.00 | — | 0.00 | May 14, 1998 | Buffer overflows in Sun libnsl allow root access. |
| CVE-1999-1027 | 0.00 | — | 0.00 | May 7, 1998 | Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. |
| CVE-1999-0212 | 0.00 | — | 0.02 | Apr 29, 1998 | Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| CVE-1999-0010 | 0.00 | — | 0.02 | Apr 8, 1998 | Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
| CVE-1999-0190 | 0.00 | — | 0.00 | Apr 8, 1998 | Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| CVE-1999-1118 | 0.00 | — | 0.00 | Mar 11, 1998 | ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. |
| CVE-1999-0320 | 0.00 | — | 0.01 | Mar 1, 1998 | SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. |
| CVE-1999-0795 | 0.00 | — | 0.02 | Mar 1, 1998 | The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches. |
| CVE-1999-0296 | 0.00 | — | 0.00 | Feb 1, 1998 | Solaris volrmmount program allows attackers to read any file. |
| CVE-1999-0273 | 0.00 | — | 0.01 | Jan 1, 1998 | Denial of service through Solaris 2.5.1 telnet by sending ^D characters. |
| CVE-1999-0017 | 0.00 | — | 0.02 | Dec 10, 1997 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
Page 40 of 42