U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 192 matching records.
Displaying matches 141 through 160.
Vuln ID Summary CVSS Severity
CVE-2001-0115

Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.

Published: March 12, 2001; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2001-0059

patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.

Published: February 12, 2001; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 6.2 MEDIUM
CVE-2001-0095

catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.

Published: February 12, 2001; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 1.2 LOW
CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Published: November 14, 2000; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

Published: June 14, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0407

Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.

Published: May 12, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0316

Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.

Published: April 24, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0317

Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option.

Published: April 24, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0337

Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter.

Published: April 24, 2000; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0055

Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.

Published: January 06, 2000; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0030

Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.

Published: December 22, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2000-0032

Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.

Published: December 22, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0977

Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.

Published: December 10, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0974

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

Published: December 09, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0973

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

Published: December 07, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0859

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

Published: December 01, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-1999-0860

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Published: December 01, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-1999-0840

Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.

Published: November 30, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0841

Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.

Published: November 30, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0818

Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.

Published: November 20, 1999; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH