| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Buffer overflow in Sun's ping program can give root access to local users. |
| Command execution in Sun systems via buffer overflow in the at program. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code. |
| Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed. |
| Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. |
| An SNMP community name is the default (e.g. public), null, or missing. |
| pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. |
| Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. |
| Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). |
| Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable. |
| Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. |
| Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument. |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. |
| Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. |
| The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. |
| Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). |
