| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. |
| The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. |
| CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Denial of service by sending forged ICMP unreachable packets. |
| Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. |
| Buffer overflows in Sun libnsl allow root access. |
| Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. |
| NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade. |
| Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. |
| Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name. |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. |
| Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. |
| Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. |
| Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. |
| Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. |
| Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
