Search Results (Refine Search)
- CPE Product Version: cpe:/o:sun:sunos:5.5
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2000-0844 |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. Published: November 14, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0471 |
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. Published: June 14, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0055 |
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. Published: January 06, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0977 |
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. Published: December 10, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0974 |
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. Published: December 09, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0973 |
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. Published: December 07, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0786 |
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. Published: September 22, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0687 |
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. Published: September 13, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0689 |
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. Published: September 13, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0691 |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. Published: September 13, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0674 |
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. Published: August 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0676 |
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. Published: August 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0696 |
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). Published: July 01, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0118 |
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. Published: June 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0370 |
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. Published: February 10, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0442 |
Solaris ff.core allows local users to modify files. Published: January 07, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-0188 |
The passwd command in Solaris can be subjected to a denial of service. Published: December 17, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0056 |
Buffer overflow in Sun's ping program can give root access to local users. Published: September 09, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0302 |
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. Published: September 01, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0065 |
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. Published: August 31, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |