| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files. |
| Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. |
| Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. |
| Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. |
| Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. |
| Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program. |
| Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses. |
| Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. |
| Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. |
| Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. |
| Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. |
