National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:sun:sunos:-
There are 169 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2001-0236

Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.

Published: May 03, 2001; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2001-0190

Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).

Published: March 26, 2001; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

Published: March 12, 2001; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

Published: June 14, 2000; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2000-0407

Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.

Published: May 12, 2000; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2000-0317

Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.

Published: April 24, 2000; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2000-0055

Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

Published: January 06, 2000; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-1102

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

Published: December 31, 1999; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-1999-0977

Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.

Published: December 10, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0974

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

Published: December 09, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0973

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

Published: December 07, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0859

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

Published: December 01, 1999; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-1999-0860

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Published: December 01, 1999; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-1999-0948

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

Published: November 02, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0949

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

Published: November 02, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0908

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

Published: September 23, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

Published: September 22, 1999; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0767

Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.

Published: September 08, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH