Total
99 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5010 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 10.0 HIGH | N/A |
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. | |||||
CVE-2008-5699 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.6 MEDIUM | N/A |
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors. | |||||
CVE-2009-1933 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. | |||||
CVE-2009-0319 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." | |||||
CVE-2009-1478 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors. | |||||
CVE-2009-3000 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.1 HIGH | N/A |
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling." | |||||
CVE-2009-0267 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 5.0 MEDIUM | N/A |
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. | |||||
CVE-2009-2487 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.8 HIGH | N/A |
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors. | |||||
CVE-2009-3839 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server. | |||||
CVE-2009-1170 | 1 Sun | 1 Opensolaris | 2023-12-10 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in Sun OpenSolaris snv_100 through snv_101 allows local users, with privileges in a non-global zone, to execute arbitrary code in the global zone when a global-zone user is using mdb on a non-global zone process. | |||||
CVE-2009-0913 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. | |||||
CVE-2009-0069 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. | |||||
CVE-2009-0875 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 6.9 MEDIUM | N/A |
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. | |||||
CVE-2009-1763 | 1 Sun | 1 Opensolaris | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in the Solaris Secure Digital slot driver (aka sdhost) in Sun OpenSolaris snv_105 through snv_108 on the x86 platform allows local users to gain privileges or cause a denial of service (filesystem or memory corruption) via unknown vectors. | |||||
CVE-2009-0477 | 1 Sun | 1 Opensolaris | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. | |||||
CVE-2009-0304 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.8 HIGH | N/A |
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. | |||||
CVE-2008-0964 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2023-12-10 | 9.3 HIGH | N/A |
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | |||||
CVE-2008-5910 | 1 Sun | 1 Opensolaris | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653462. | |||||
CVE-2009-2596 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. | |||||
CVE-2008-2710 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison. |