| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration. |
| The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| Solaris ff.core allows local users to modify files. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| A Unix account has a default, null, blank, or missing password. |
| rpc.admind in Solaris is not running in a secure mode. |
