Search Results (Refine Search)
- Keyword (text search): cpe:/o:sun:solaris
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-0875 |
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. Published: March 12, 2009; 11:20:49 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2009-0874 |
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Published: March 12, 2009; 11:20:49 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0873 |
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." Published: March 11, 2009; 10:19:15 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-0872 |
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. Published: March 11, 2009; 10:19:15 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-0870 |
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. Published: March 10, 2009; 4:30:06 PM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2009-0868 |
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Published: March 10, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-0857 |
Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. Published: March 09, 2009; 5:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-0601 |
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. Published: February 16, 2009; 3:30:03 PM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2009-0480 |
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. Published: February 09, 2009; 11:30:00 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-6024 |
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. Published: February 02, 2009; 5:00:00 PM -0500 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
CVE-2009-0346 |
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. Published: January 29, 2009; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0319 |
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." Published: January 28, 2009; 1:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2009-0304 |
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. Published: January 27, 2009; 3:30:05 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-0268 |
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. Published: January 26, 2009; 10:30:04 AM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0267 |
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. Published: January 26, 2009; 10:30:04 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-0168 |
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. Published: January 16, 2009; 4:30:03 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0167 |
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." Published: January 16, 2009; 4:30:03 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2009-0132 |
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument). Published: January 15, 2009; 12:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0069 |
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. Published: January 07, 2009; 3:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-5746 |
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files. Published: December 29, 2008; 10:24:23 AM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |