U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:sun:solaris:2.5.1:*:*:*:*:*:*:*
There are 76 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2003-1575

VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem.

Published: January 28, 2010; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2008-2710

Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison.

Published: June 16, 2008; 4:41:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2005-4796

Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.

Published: December 31, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

Published: May 05, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

Published: May 05, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Published: April 02, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2003-0028

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

Published: March 25, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published: March 03, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-1079

Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.

Published: February 18, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0027

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

Published: February 07, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-1071

rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

Published: January 03, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-1980

Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.

Published: December 31, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2002-2203

Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.

Published: December 31, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2002-1584

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

Published: December 27, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2002-1317

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

Published: December 11, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-1587

The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.

Published: December 04, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-1586

Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.

Published: December 03, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-1228

Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.

Published: October 28, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0572

FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.

Published: July 03, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2002-0033

Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.

Published: May 29, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH