CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN » Sunos : Security Vulnerabilities (CVSS score between 4 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-0010 DoS 1998-04-08 2018-10-30
5.0
None Remote Low Not required None None Partial
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
2 CVE-1999-0015 DoS 1997-12-16 2018-05-03
5.0
None Remote Low Not required None None Partial
Teardrop IP denial of service.
3 CVE-1999-0016 DoS 1997-12-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Land IP denial of service.
4 CVE-1999-0019 1996-04-24 2008-09-09
5.0
None Remote Low Not required None Partial None
Delete or create a file via rpc.statd, due to invalid information.
5 CVE-1999-0024 1997-08-13 2018-10-30
5.0
None Remote Low Not required None Partial None
DNS cache poisoning via BIND, by predictable query IDs.
6 CVE-1999-0054 DoS 1998-06-10 2018-10-30
5.0
None Remote Low Not required None None Partial
Sun's ftpd daemon can be subjected to a denial of service.
7 CVE-1999-0104 DoS 1997-12-16 2018-08-22
5.0
None Remote Low Not required None None Partial
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
8 CVE-1999-0125 Overflow 1998-01-25 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in SGI IRIX mailx program.
9 CVE-1999-0128 DoS 1996-12-18 2008-09-09
5.0
None Remote Low Not required None None Partial
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
10 CVE-1999-0129 1996-12-03 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
11 CVE-1999-0143 1996-02-21 2020-01-21
4.6
None Local Low Not required Partial Partial Partial
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
12 CVE-1999-0164 1995-08-29 2008-09-09
6.2
None Local High Not required Complete Complete Complete
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
13 CVE-1999-0167 1991-12-06 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.
14 CVE-1999-0209 1990-08-14 2008-09-09
5.0
None Remote Low Not required Partial None None
The SunView (SunTools) selection_svc facility allows remote users to read files.
15 CVE-1999-0211 1994-02-14 2018-10-30
5.0
None Remote Low Not required Partial None None
Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.
16 CVE-1999-0217 1997-01-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.
17 CVE-1999-0263 1998-07-16 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Solaris SUNWadmap can be exploited to obtain root access.
18 CVE-1999-0273 DoS 1998-01-01 2018-10-30
5.0
None Remote Low Not required None None Partial
Denial of service through Solaris 2.5.1 telnet by sending ^D characters.
19 CVE-1999-0303 Overflow 1998-05-21 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
20 CVE-1999-0345 DoS 1997-01-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
21 CVE-1999-0370 1999-02-10 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
22 CVE-1999-0513 DoS 1998-01-05 2018-10-30
5.0
None Remote Low Not required None None Partial
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
23 CVE-1999-0676 1999-08-09 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
24 CVE-1999-0786 1999-09-22 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
25 CVE-1999-0848 DoS 1999-11-10 2018-10-30
5.0
None Remote Low Not required None None Partial
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
26 CVE-1999-0908 DoS 1999-09-23 2018-10-30
5.0
None Remote Low Not required None None Partial
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
27 CVE-1999-1014 Overflow +Priv 1999-09-13 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
28 CVE-1999-1023 1999-06-10 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
29 CVE-1999-1025 1998-11-12 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
30 CVE-1999-1122 +Priv 1989-07-26 2018-05-03
4.6
None Local Low Not required Partial Partial Partial
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.
31 CVE-1999-1258 +Info 1991-01-15 2017-10-10
5.0
None Remote Low Not required Partial None None
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
32 CVE-1999-1388 1994-05-13 2008-09-05
6.2
None Local High Not required Complete Complete Complete
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
33 CVE-1999-1413 1996-08-03 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
34 CVE-1999-1468 +Priv 1991-10-22 2008-09-10
6.2
None Local High Not required Complete Complete Complete
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
35 CVE-2000-0030 1999-12-22 2018-10-30
5.0
None Remote Low Not required None None Partial
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
36 CVE-2001-0059 2001-02-12 2018-10-30
6.2
None Local High Not required Complete Complete Complete
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
37 CVE-2001-0421 2001-07-02 2018-10-30
6.4
None Remote Low Not required Partial None Partial
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
38 CVE-2001-0548 Overflow +Priv 2001-08-14 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
39 CVE-2001-0565 Overflow +Priv 2001-08-14 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
40 CVE-2001-0594 Overflow +Priv 2001-08-02 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
41 CVE-2001-0595 Exec Code Overflow 2001-08-02 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program.
42 CVE-2001-1244 DoS 2001-07-07 2018-10-30
5.0
None Remote Low Not required None None Partial
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
43 CVE-2001-1555 2001-12-31 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY.
44 CVE-2002-0085 DoS 2002-03-15 2018-10-30
5.0
None Remote Low Not required None None Partial
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
45 CVE-2002-1199 Dir. Trav. 2002-10-28 2018-10-30
5.0
None Remote Low Not required Partial None None
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
46 CVE-2002-1228 DoS 2002-10-28 2018-10-30
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
47 CVE-2002-1323 2002-12-11 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
48 CVE-2002-1345 Dir. Trav. 2002-12-23 2018-10-30
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
49 CVE-2002-1585 DoS 2002-11-08 2018-10-30
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic.
50 CVE-2002-1763 2002-12-31 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session.
Total number of vulnerabilities : 222   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.