| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine. |
| Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable. |
| Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Sun's ftpd daemon can be subjected to a denial of service. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. |
| The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. |
| The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. |
| Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion). |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
