| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. |
| Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. |
| patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. |
| Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068. |
| Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. |
| Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. |
| Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library. |
| Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. |
| Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. |
| Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). |
| Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. |
| Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. |
| Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code. |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. |
