) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-1999-0974 |
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. Published: December 09, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-1999-0973 |
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. Published: December 07, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-1999-0859 |
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. Published: December 01, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
| CVE-1999-0860 |
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. Published: December 01, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
| CVE-1999-0908 |
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. Published: September 23, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-1999-0786 |
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. Published: September 22, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
| CVE-1999-0687 |
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. Published: September 13, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-1999-0689 |
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. Published: September 13, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-1999-0691 |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. Published: September 13, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-1999-0674 |
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. Published: August 09, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-1999-0676 |
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. Published: August 09, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
| CVE-1999-0696 |
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). Published: July 01, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-1999-0493 |
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. Published: June 07, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-1999-1371 |
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. Published: March 08, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-1999-0370 |
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. Published: February 10, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
| CVE-1999-0442 |
Solaris ff.core allows local users to modify files. Published: January 07, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
| CVE-1999-0188 |
The passwd command in Solaris can be subjected to a denial of service. Published: December 17, 1998; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-1999-0057 |
Vacation program allows command execution by remote users through a sendmail command. Published: November 16, 1998; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-1999-0056 |
Buffer overflow in Sun's ping program can give root access to local users. Published: September 09, 1998; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-1999-0302 |
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. Published: September 01, 1998; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |