| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in BIND 8.2 via NXT records. |
| Denial of service in BIND named via malformed SIG records. |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. |
| Denial of service in BIND named via naptr. |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. |
| Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. |
| Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. |
| Buffer overflow in uum program for Canna input system allows local users to gain root privileges. |
| Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. |
| Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. |
| Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. |
| Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. |
| Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. |
| NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade. |
| useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. |
| CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. |
