Search Results (Refine Search)
- Keyword (text search): cpe:/o:sun:solaris
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-2297 |
Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches. Published: July 02, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2009-2296 |
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. Published: July 02, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2009-2283 |
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: July 01, 2009; 9:00:01 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-2187 |
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages. Published: June 24, 2009; 9:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-2137 |
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value. Published: June 19, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-2136 |
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. Published: June 19, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-2135 |
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. Published: June 19, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-2029 |
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. Published: June 11, 2009; 11:30:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-1933 |
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. Published: June 05, 2009; 12:00:00 PM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2008-3870 |
Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation. Published: May 26, 2009; 5:30:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2008-3869 |
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters. Published: May 26, 2009; 5:30:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2009-1673 |
The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD. Published: May 18, 2009; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-1478 |
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors. Published: April 29, 2009; 11:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-1276 |
XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. Published: April 09, 2009; 11:08:35 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2009-1207 |
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. Published: April 01, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2009-0926 |
Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732. Published: March 17, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0925 |
Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723. Published: March 17, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2009-0924 |
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712. Published: March 17, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2009-0923 |
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server. Published: March 17, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-0913 |
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. Published: March 16, 2009; 1:30:07 PM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |