| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. |
| Teardrop IP denial of service. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Buffer overflow in Sun's ping program can give root access to local users. |
| The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| Denial of service by sending forged ICMP unreachable packets. |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. |
| Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. |
| Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. |
| Solaris ff.core allows local users to modify files. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. |