| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). |
| Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. |
| Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. |
| Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program. |
| CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. |
| Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. |
| Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. |
| Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. |
| ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. |
| Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. |
| Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event. |
| Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. |
| Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. |
| Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). |
| Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. |
| Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. |
| Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges. |
