Sun Corporation

2,062 total · sorted by risk
  • CVE-1999-1426 · Nov 10, 1997
    risk 0.00 · cvss · epss 0.00

    Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.

  • CVE-1999-1428 · Nov 10, 1997
    risk 0.00 · cvss · epss 0.00

    Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.

  • CVE-1999-1424 · Nov 10, 1997
    risk 0.00 · cvss · epss 0.00

    Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.

  • CVE-1999-1425 · Nov 10, 1997
    risk 0.00 · cvss · epss 0.00

    Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.

  • CVE-1999-1427 · Nov 10, 1997
    risk 0.00 · cvss · epss 0.00

    Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges.

  • CVE-1999-0097 · Oct 29, 1997
    risk 0.00 · cvss · epss 0.04

    The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

  • CVE-1999-0300 · Oct 1, 1997
    risk 0.00 · cvss · epss 0.01

    nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.

  • CVE-1999-0295 · Oct 1, 1997
    risk 0.00 · cvss · epss 0.00

    Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.

  • CVE-1999-1225 · Aug 24, 1997
    risk 0.00 · cvss · epss 0.02

    rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

  • CVE-1999-0024 · Aug 13, 1997
    risk 0.00 · cvss · epss 0.05

    DNS cache poisoning via BIND, by predictable query IDs.

  • CVE-1999-1419 · Jul 30, 1997
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.

  • CVE-1999-0169 · Jul 1, 1997
    risk 0.00 · cvss · epss 0.02

    NFS allows attackers to read and write any file on the system by specifying a false UID.

  • CVE-1999-1192 · Jun 24, 1997
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

  • CVE-1999-0033 · Jun 12, 1997
    risk 0.00 · cvss · epss 0.01

    Command execution in Sun systems via buffer overflow in the at program.

  • CVE-1999-0189 · Jun 4, 1997
    risk 0.00 · cvss · epss 0.01

    Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.

  • CVE-1999-1449 · May 19, 1997
    risk 0.00 · cvss · epss 0.00

    SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.

  • CVE-1999-0318 · Mar 1, 1997
    risk 0.00 · cvss · epss 0.01

    Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

  • CVE-1999-0165 · Mar 1, 1997
    risk 0.00 · cvss · epss 0.02

    NFS cache poisoning.

  • CVE-1999-0868 · Feb 20, 1997
    risk 0.00 · cvss · epss 0.01

    ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.

  • CVE-1999-0298 · Feb 5, 1997
    risk 0.00 · cvss · epss 0.02

    ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

  • CVE-1999-0966 · Jan 27, 1997
    risk 0.00 · cvss · epss 0.00

    Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].

  • CVE-1999-0048 · Jan 27, 1997
    risk 0.00 · cvss · epss 0.03

    Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.

  • CVE-1999-0626 · Jan 1, 1997
    risk 0.00 · cvss · epss 0.01

    A version of rusers is running that exposes valid user information to any entity on the network.

  • CVE-1999-0217 · Jan 1, 1997
    risk 0.00 · cvss · epss 0.01

    Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.

  • CVE-1999-0166 · Jan 1, 1997
    risk 0.00 · cvss · epss 0.01

    NFS allows users to use a "cd .." command to access other directories besides the exported file system.

  • CVE-1999-0345 · Jan 1, 1997
    risk 0.00 · cvss · epss 0.01

    Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

  • CVE-1999-0129 · Dec 3, 1996
    risk 0.00 · cvss · epss 0.01

    Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

  • CVE-1999-0277 · Oct 28, 1996
    risk 0.00 · cvss · epss 0.00

    The WorkMan program can be used to overwrite any file to get root access.

  • CVE-1999-0132 · Aug 15, 1996
    risk 0.00 · cvss · epss 0.00

    Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.

  • CVE-1999-0134 · Aug 6, 1996
    risk 0.00 · cvss · epss 0.00

    vold in Solaris 2.x allows local users to gain root access.

  • CVE-1999-0136 · Jul 31, 1996
    risk 0.00 · cvss · epss 0.00

    Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access.

  • CVE-1999-0135 · Jul 25, 1996
    risk 0.00 · cvss · epss 0.00

    admintool in Solaris allows a local user to write to arbitrary files and gain root access.

  • CVE-1999-0019 · Apr 24, 1996
    risk 0.00 · cvss · epss 0.02

    Delete or create a file via rpc.statd, due to invalid information.

  • CVE-1999-0078 · Apr 18, 1996
    risk 0.00 · cvss · epss 0.01

    pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

  • CVE-1999-0142 · Mar 1, 1996
    risk 0.00 · cvss · epss 0.02

    The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.

  • CVE-1999-0143 · Feb 21, 1996
    risk 0.00 · cvss · epss 0.00

    Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.

  • CVE-1999-0241 · Nov 1, 1995
    risk 0.00 · cvss · epss 0.04

    Guessable magic cookies in X Windows allow remote attackers to execute commands, e.g. through xterm.

  • CVE-1999-0099 · Oct 19, 1995
    risk 0.00 · cvss · epss 0.03

    Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.

  • CVE-1999-0164 · Aug 29, 1995
    risk 0.00 · cvss · epss 0.00

    A race condition in the Solaris ps command allows an attacker to overwrite critical files.

  • CVE-1999-1580 · Aug 23, 1995
    risk 0.00 · cvss · epss 0.01

    SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.

  • CVE-1999-1080 · May 10, 1995
    risk 0.00 · cvss · epss 0.00

    rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid…

  • CVE-1999-1388 · May 13, 1994
    risk 0.00 · cvss · epss 0.00

    passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.

  • CVE-1999-0120 · Mar 21, 1994
    risk 0.00 · cvss · epss 0.00

    Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root.

  • CVE-1999-0211 · Feb 14, 1994
    risk 0.00 · cvss · epss 0.02

    Extra long export lists over 256 characters in some mount daemons allow NFS directories to be mounted by anyone.

  • CVE-1999-0334 · Dec 16, 1993
    risk 0.00 · cvss · epss 0.00

    In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.

  • CVE-1999-1137 · Oct 1, 1993
    risk 0.00 · cvss · epss 0.00

    The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

  • CVE-1999-1318 · Sep 17, 1993
    risk 0.00 · cvss · epss 0.00

    /usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.

  • CVE-1999-1507 · Feb 3, 1993
    risk 0.00 · cvss · epss 0.01

    Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.

  • CVE-1999-1021 · Dec 30, 1992
    risk 0.00 · cvss · epss 0.00

    NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.

  • CVE-1999-1396 · Jul 21, 1992
    risk 0.00 · cvss · epss 0.00

    Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash).

Page 41 of 42