Total
99 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0965 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2023-12-10 | 9.3 HIGH | N/A |
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. | |||||
CVE-2009-3183 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.2 HIGH | N/A |
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. | |||||
CVE-2008-3875 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.2 HIGH | N/A |
The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls. | |||||
CVE-2009-2137 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.8 HIGH | N/A |
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value. | |||||
CVE-2009-2296 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 10.0 HIGH | N/A |
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. | |||||
CVE-2009-2187 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages. | |||||
CVE-2009-2031 | 1 Sun | 1 Opensolaris | 2023-12-10 | 2.1 LOW | N/A |
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes. | |||||
CVE-2009-0924 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712. | |||||
CVE-2009-3432 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 1.9 LOW | N/A |
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. | |||||
CVE-2009-2430 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors. | |||||
CVE-2008-5909 | 1 Sun | 1 Opensolaris | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641. | |||||
CVE-2008-3838 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service. | |||||
CVE-2009-2135 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. | |||||
CVE-2009-3101 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches. | |||||
CVE-2009-3899 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.8 HIGH | N/A |
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
CVE-2009-2644 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." | |||||
CVE-2009-0870 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. | |||||
CVE-2009-4191 | 1 Sun | 2 Opensolaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2008-5133 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 5.8 MEDIUM | N/A |
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. | |||||
CVE-2009-0168 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. |