| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in ffbconfig in Solaris 2.5.1. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available. |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd. |
| Denial of service in BIND named via naptr. |
| The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available. |
| Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. |
| Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| Delete or create a file via rpc.statd, due to invalid information. |
