| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Delete or create a file via rpc.statd, due to invalid information. |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Sun's ftpd daemon can be subjected to a denial of service. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Solaris ufsrestore buffer overflow. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. |
| Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. |
| NFS cache poisoning. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. |
| The passwd command in Solaris can be subjected to a denial of service. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| Solaris volrmmount program allows attackers to read any file. |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. |