| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. |
| loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. |
| patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. |
| Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. |
| Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. |
| Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. |
| Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. |
| Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. |
| Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. |
