Search Results (Refine Search)
- CPE Product Version: cpe:/o:sun:sunos:4.1.3u1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-0217 |
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier. Published: June 12, 2012; 6:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2001-1583 |
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. Published: December 31, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2001-0652 |
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. Published: October 30, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2001-0565 |
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. Published: August 14, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2001-0421 |
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. Published: July 02, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2001-0401 |
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. Published: June 18, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2001-0190 |
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). Published: March 26, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1592 |
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. Published: December 31, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0687 |
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. Published: September 13, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0320 |
SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. Published: March 01, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-1999-0015 |
Teardrop IP denial of service. Published: December 16, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0104 |
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. Published: December 16, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0017 |
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. Published: December 10, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0016 |
Land IP denial of service. Published: December 01, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0097 |
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). Published: October 29, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0185 |
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. Published: October 01, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-1192 |
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. Published: June 24, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1191 |
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. Published: May 19, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0040 |
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. Published: May 01, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0046 |
Buffer overflow of rlogin program using TERM environmental variable. Published: February 06, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |