National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:sun:sunos:5.10
There are 212 matching records.
Displaying matches 201 through 212.
Vuln ID Summary CVSS Severity

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.

Published: February 12, 2007; 03:28:00 PM -05:00
    V2: 10.0 HIGH

Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.

Published: September 26, 2006; 09:07:00 PM -04:00
    V2: 6.6 MEDIUM

Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.

Published: August 23, 2006; 09:04:00 PM -04:00
    V2: 7.2 HIGH

Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and without patch 118833-11 (118855-08) allows remote authenticated users to cause a denial of service via unspecified vectors that lead to "kernel data structure corruption" that can trigger a system panic, application failure, or "data corruption."

Published: July 21, 2006; 10:03:00 AM -04:00
    V2: 6.8 MEDIUM

Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration.

Published: December 31, 2003; 12:00:00 AM -05:00
    V2: 4.0 MEDIUM

Vacation program allows command execution by remote users through a sendmail command.

Published: November 16, 1998; 12:00:00 AM -05:00
    V2: 7.5 HIGH

Buffer overflow in Sun's ping program can give root access to local users.

Published: September 09, 1998; 12:00:00 AM -04:00
    V2: 7.2 HIGH

NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.

Published: June 29, 1998; 12:00:00 AM -04:00
    V2: 2.6 LOW

Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.

Published: April 29, 1998; 12:00:00 AM -04:00
    V2: 7.8 HIGH

The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.

Published: March 01, 1998; 12:00:00 AM -05:00
    V2: 7.5 HIGH

Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

Published: January 01, 1997; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM

The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

Published: October 01, 1993; 12:00:00 AM -04:00
    V2: 2.1 LOW