Sun Solaris vulnerabilities

429 known vulnerabilities affecting sun/solaris.

Total CVEs

429

CISA KEV

Public exploits

102

Exploited in wild

Severity breakdown

CRITICAL49HIGH153MEDIUM172LOW55

Vulnerabilities

Page 11 of 22

CVE-2005-3674HIGHCVSS 7.8v9.0v10.02005-11-18

CVE-2005-3674 [HIGH] CVE-2005-3674: The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 an The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-

nvd

CVE-2005-3398MEDIUMCVSS 4.3PoCv9.0v10.02005-11-01

CVE-2005-3398 [MEDIUM] CWE-200 CVE-2005-3398: The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9 The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.

nvd

CVE-2005-3250LOWCVSS 2.1v10.02005-10-17

CVE-2005-3250 [LOW] CVE-2005-3250: Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unkn Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference.

nvd

CVE-2005-3099MEDIUMCVSS 4.6v9.0v10.02005-09-28

CVE-2005-3099 [MEDIUM] CVE-2005-3099: Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows lo Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.

nvd

CVE-2005-3071LOWCVSS 2.1v9.02005-09-27

CVE-2005-3071 [LOW] CVE-2005-3071: Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, all Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.

nvd

CVE-2005-3001LOWCVSS 2.1v10.02005-09-20

CVE-2005-3001 [LOW] CVE-2005-3001: Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of s Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.

nvd

CVE-2005-2870HIGHCVSS 7.5v10.02005-09-08

CVE-2005-2870 [HIGH] CVE-2005-2870: Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execu Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses.

nvd

CVE-2005-2072HIGHCVSS 7.2PoCv8.0v9.0+1 more2005-06-29

CVE-2005-2072 [HIGH] CWE-264 CVE-2005-2072: The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setui The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.

nvd

CVE-2005-2071MEDIUMCVSS 4.6PoCv10.02005-06-29

CVE-2005-2071 [MEDIUM] CWE-264 CVE-2005-2071: traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_N traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot).

nvd

CVE-2005-2032LOWCVSS 2.1v7.0v8.0+1 more2005-06-16

CVE-2005-2032 [LOW] CVE-2005-2032: Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrar Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.

nvd

CVE-2005-1887MEDIUMCVSS 4.6v10.02005-06-09

CVE-2005-1887 [MEDIUM] CVE-2005-1887: Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges.

nvd

CVE-2005-1591MEDIUMCVSS 5.0v7.0v8.0+1 more2005-05-16

CVE-2005-1591 [MEDIUM] CVE-2005-1591: Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of se Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.

nvd

CVE-2005-1518LOWCVSS 2.1v7.0v8.0+1 more2005-05-11

CVE-2005-1518 [LOW] CVE-2005-1518: Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, an Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.

nvd

CVE-2005-0248HIGHCVSS 7.5v8.0v9.02005-05-02

CVE-2005-0248 [HIGH] CVE-2005-0248: The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are c The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.

nvd

CVE-2005-0816HIGHCVSS 7.2v7.0v8.0+1 more2005-05-02

CVE-2005-0816 [HIGH] CVE-2005-0816: Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges.

nvd

CVE-2005-0426MEDIUMCVSS 5.0v9.02005-05-02

CVE-2005-0426 [MEDIUM] CVE-2005-0426: Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.

nvd

CVE-2005-1124MEDIUMCVSS 4.6v9.02005-05-02

CVE-2005-1124 [MEDIUM] CVE-2005-1124: Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.

nvd

CVE-2005-0576LOWCVSS 3.6v9.02005-05-02

CVE-2005-0576 [LOW] CVE-2005-0576: Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.

nvd

CVE-2004-0791MEDIUMCVSS 5.0PoCv9.0v10.02005-04-12

CVE-2004-0791 [MEDIUM] CVE-2004-0791: Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (networ Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2

nvd

CVE-2004-0790MEDIUMCVSS 5.0PoCv9.0v10.02005-04-12

CVE-2004-0790 [MEDIUM] CVE-2004-0790: Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are relate

nvd

← Previous11 / 22Next →