| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The passwd command in Solaris can be subjected to a denial of service. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. NOTE: this is associated with the "first issue" identified in SUNALERT:102003. |
| X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request. |
| Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. |
| The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. |
| The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. |
| Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. |
| NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. |
| Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. |
| Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors. |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| Buffer overflow in Solaris lpset program allows local users to gain root access. |
| The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. |
| Buffer overflow in Solaris dtprintinfo program. |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. |
| Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. |
| Buffer overflow in uum program for Canna input system allows local users to gain root privileges. |
