| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. |
| Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. |
| Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. |
| Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. |
| Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n. |
| Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. |
| ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
| The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. |
| Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. |
| The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). |
| The recover program in Solstice Backup allows local users to restore sensitive files. |
| Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. |
| Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. |
