| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sun's ftpd daemon can be subjected to a denial of service. |
| patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. |
| Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). |
| Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities. |
| Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. |
| Buffer overflow in statd allows root privileges. |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. |
| Vacation program allows command execution by remote users through a sendmail command. |
| The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. |
| HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window. |
| Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option. |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters. |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. |
| The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. |
