| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic. |
| Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. |
| The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. |
| Sun's ftpd daemon can be subjected to a denial of service. |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Solaris volrmmount program allows attackers to read any file. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |
| Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. |
| CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. |
| aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. |
| Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function. |
| Vacation program allows command execution by remote users through a sendmail command. |
