Sun Opensolaris vulnerabilities

108 known vulnerabilities affecting sun/opensolaris.

Total CVEs

108

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL7HIGH34MEDIUM61LOW6

Vulnerabilities

Page 5 of 6

CVE-2009-0319MEDIUMCVSS 6.9≤ snv_107vsnv_01+105 more2009-01-28

CVE-2009-0319 [MEDIUM] CVE-2009-0319: Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSo Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."

nvd

CVE-2009-0277HIGHCVSS 7.8vsnv_100vsnv_101+1 more2009-01-27

CVE-2009-0277 [HIGH] CVE-2009-0277: Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC T2 and T2+ sun4v platforms allows local users to cause a denial of service (panic) via unknown vectors.

nvd

CVE-2009-0304HIGHCVSS 7.8PoC≤ snv_107vsnv_01+106 more2009-01-27

CVE-2009-0304 [HIGH] CVE-2009-0304: The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attacker The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c.

nvd

CVE-2009-0268MEDIUMCVSS 4.9≤ snv_102vsnv_01+100 more2009-01-26

CVE-2009-0268 [MEDIUM] CWE-362 CVE-2009-0268: Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenS Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.

nvd

CVE-2009-0267MEDIUMCVSS 5.0≤ snv_99vsnv_01+97 more2009-01-26

CVE-2009-0267 [MEDIUM] CVE-2009-0267: libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, whi libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.

nvd

CVE-2009-0167MEDIUMCVSS 4.7vsnv_61vsnv_62+44 more2009-01-16

CVE-2009-0167 [MEDIUM] CVE-2009-0167: Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."

nvd

CVE-2009-0168MEDIUMCVSS 4.9vsnv_61vsnv_62+44 more2009-01-16

CVE-2009-0168 [MEDIUM] CVE-2009-0168: Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.

nvd

CVE-2009-0131MEDIUMCVSS 4.9vsnv_29vsnv_30+60 more2009-01-15

CVE-2009-0131 [MEDIUM] CVE-2009-0131: The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call.

nvd

CVE-2009-0069MEDIUMCVSS 4.9≤ snv_101vsnv_01+100 more2009-01-07

CVE-2009-0069 [MEDIUM] CWE-399 CVE-2009-0069: Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client i Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors.

nvd

CVE-2008-5699MEDIUMCVSS 4.6vsnv_50vsnv_51+53 more2008-12-22

CVE-2008-5699 [MEDIUM] CWE-264 CVE-2008-5699: The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does n The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors.

nvd

CVE-2008-5689HIGHCVSS 7.2PoCvsnv_01vsnv_02+77 more2008-12-19

CVE-2008-5689 [HIGH] CWE-399 CVE-2008-5689: tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a d tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.

nvd

CVE-2008-5684MEDIUMCVSS 5.0≤ snv_84vsnv_01+83 more2008-12-19

CVE-2008-5684 [MEDIUM] CWE-399 CVE-2008-5684: Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 throu Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session).

nvd

CVE-2008-5690LOWCVSS 2.1vsnv_01vsnv_02+102 more2008-12-19

CVE-2008-5690 [LOW] CWE-255 CVE-2008-5690: The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 th The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.

nvd

CVE-2008-5661MEDIUMCVSS 5.4vsnv_47vsnv_48+34 more2008-12-17

CVE-2008-5661 [MEDIUM] CWE-399 CVE-2008-5661: The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain pa The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference.

nvd

CVE-2008-5133MEDIUMCVSS 5.8≤ snv_95vsnv_01+93 more2008-11-18

CVE-2008-5133 [MEDIUM] CVE-2008-5133: ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server wit ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queri

nvd

CVE-2008-5111MEDIUMCVSS 4.7vsnv_57vsnv_58+33 more2008-11-17

CVE-2008-5111 [MEDIUM] CVE-2008-5111: Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through sn Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function.

nvd

CVE-2008-5010CRITICALCVSS 10.0PoC≤ snv_102vsnv_01+100 more2008-11-10

CVE-2008-5010 [CRITICAL] CVE-2008-5010: in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, all in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805.

nvd

CVE-2008-4160MEDIUMCVSS 4.7vsnv_01vsnv_02+85 more2008-09-22

CVE-2008-4160 [MEDIUM] CWE-399 CVE-2008-4160: Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.

nvd

CVE-2008-3875HIGHCVSS 7.2≤ build_snv_89vbuild_snv_01+11 more2008-09-02

CVE-2008-3875 [HIGH] CWE-264 CVE-2008-3875: The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass ch The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.

nvd

CVE-2008-3838HIGHCVSS 7.2≤ snv_87vsnv_01+85 more2008-08-27

CVE-2008-3838 [HIGH] CWE-20 CVE-2008-3838: Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solari Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation in Sun Solaris 10 and OpenSolaris before snv_88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of service.

nvd

← Previous5 / 6Next →