U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:sun:solaris:2.6:hw3:x86:*:*:*:*:*
  • CPE Name Search: true
There are 186 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

Published: March 12, 2001; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2001-0124

Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.

Published: March 12, 2001; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Published: November 14, 2000; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

Published: June 14, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0407

Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.

Published: May 12, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0317

Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.

Published: April 24, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0055

Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

Published: January 06, 2000; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0977

Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.

Published: December 10, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0974

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

Published: December 09, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0973

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

Published: December 07, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0859

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

Published: December 01, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-1999-0860

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Published: December 01, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-1999-0948

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

Published: November 02, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0949

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

Published: November 02, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0908

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

Published: September 23, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

Published: September 22, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 4.6 MEDIUM
CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Published: September 13, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

Published: September 13, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

Published: September 13, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0767

Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.

Published: September 08, 1999; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH