Search Results (Refine Search)
- Keyword (text search): cpe:/o:sun:solaris
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2008-1317 |
Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues. Published: March 13, 2008; 10:44:00 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-1286 |
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors. Published: March 11, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2008-1205 |
Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors. Published: March 07, 2008; 7:44:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-1115 |
Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands. Published: March 03, 2008; 1:44:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-1095 |
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly. Published: February 29, 2008; 6:44:00 AM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2008-0933 |
Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore. Published: February 25, 2008; 1:44:00 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2008-0938 |
Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126. Published: February 25, 2008; 1:44:00 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2008-0836 |
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. Published: February 20, 2008; 4:44:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2008-0730 |
The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read from, the home directories of other users. Published: February 12, 2008; 4:00:00 PM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2008-0718 |
Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors. Published: February 11, 2008; 9:00:00 PM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2008-0212 |
ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. Published: February 06, 2008; 4:00:00 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2008-0242 |
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions. Published: January 11, 2008; 9:46:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2007-6505 |
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities. Published: December 20, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2007-6482 |
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Published: December 20, 2007; 3:46:00 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-6413 |
Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user. Published: December 17, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-6225 |
Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors. Published: December 04, 2007; 1:46:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2007-6232 |
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. Published: December 04, 2007; 1:46:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-6216 |
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs. Published: December 04, 2007; 10:46:00 AM -0500 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2007-6180 |
Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. Published: November 29, 2007; 7:46:00 PM -0500 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2007-5716 |
Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet. Published: October 30, 2007; 5:46:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |