| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. |
| Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Buffer overflow in ffbconfig in Solaris 2.5.1. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| vold in Solaris 2.x allows local users to gain root access. |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. |
| Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. |
| NFS cache poisoning. |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
