U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:oracle:solaris:10:*:*:ko:sparc:*:*:*
  • CPE Name Search: true
There are 142 matching records.
Displaying matches 141 through 142.
Vuln ID Summary CVSS Severity
CVE-2007-0882

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.

Published: February 12, 2007; 3:28:00 PM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Published: August 18, 2004; 12:00:00 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM