Search Results (Refine Search)
- CPE Product Version: cpe:/o:sun:sunos:5.4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-1999-0687 |
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. Published: September 13, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0691 |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. Published: September 13, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0674 |
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. Published: August 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0696 |
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). Published: July 01, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0118 |
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. Published: June 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0493 |
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. Published: June 07, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0223 |
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. Published: March 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-0370 |
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. Published: February 10, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0188 |
The passwd command in Solaris can be subjected to a denial of service. Published: December 17, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0056 |
Buffer overflow in Sun's ping program can give root access to local users. Published: September 09, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0065 |
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. Published: August 31, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0339 |
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. Published: August 01, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1432 |
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges. Published: July 16, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0213 |
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. Published: July 15, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0054 |
Sun's ftpd daemon can be subjected to a denial of service. Published: June 10, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0008 |
Buffer overflow in NIS+, in Sun's rpc.nisd program. Published: June 08, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0303 |
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. Published: May 21, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0055 |
Buffer overflows in Sun libnsl allow root access. Published: May 14, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0009 |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. Published: April 08, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0010 |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. Published: April 08, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |