National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:sun:sunos:-
There are 169 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-1999-0875

DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.

Published: August 11, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

Published: August 09, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0676

sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.

Published: August 09, 1999; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2000-0118

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

Published: June 09, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0493

rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.

Published: June 07, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0773

Buffer overflow in Solaris lpset program allows local users to gain root access.

Published: May 11, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-1371

Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.

Published: March 08, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0410

The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.

Published: March 05, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0370

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

Published: February 10, 1999; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-1999-0442

Solaris ff.core allows local users to modify files.

Published: January 07, 1999; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-1999-0188

The passwd command in Solaris can be subjected to a denial of service.

Published: December 17, 1998; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0139

Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.

Published: December 12, 1998; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0057

Vacation program allows command execution by remote users through a sendmail command.

Published: November 16, 1998; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1025

CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.

Published: November 12, 1998; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-1999-0056

Buffer overflow in Sun's ping program can give root access to local users.

Published: September 09, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0065

Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.

Published: August 31, 1998; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0339

Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

Published: August 01, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0263

Solaris SUNWadmap can be exploited to obtain root access.

Published: July 16, 1998; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-1999-1432

Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.

Published: July 16, 1998; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-1297

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.

Published: July 15, 1998; 12:00:00 AM -04:00
    V2: 2.1 LOW