Sun Solaris vulnerabilities
429 known vulnerabilities affecting sun/solaris.
Total CVEs: 429
CISA KEV: 0
Public exploits: 102
Exploited in wild: 0
Severity breakdown
CRITICAL 49 | HIGH 153 | MEDIUM 172 | LOW 55
Vulnerabilities
Page 16 of 22
CVE-2002-1228 | MEDIUM | CVSS 5.0 | v2.5.1, v7.0, +2 more | 2002-10-28
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
nvd
CVE-2002-1199 | MEDIUM | CVSS 5.0 | v9.0 | 2002-10-28
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
nvd
CVE-2002-1589 | LOW | CVSS 2.1 | v8.0 | 2002-10-24
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic).
nvd
CVE-2002-0679 | CRITICAL | CVSS 10.0 | v2.6, v9.0 | 2002-09-05
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
nvd
CVE-2002-0796 | CRITICAL | CVSS 10.0 | v2.6, v7.0, +1 more | 2002-08-12
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
nvd
CVE-2002-0391 | CRITICAL | CVSS 9.8 | CWE-190 | v2.6, v9.0 | 2002-08-12
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
nvd
CVE-2002-0797 | CRITICAL | CVSS 10.0 | v2.6, v7.0, +1 more | 2002-08-12
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
nvd
CVE-2002-0436 | CRITICAL | CVSS 10.0 | PoC | v7.0, v8.0 | 2002-07-26
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
nvd
CVE-2002-0678 | HIGH | CVSS 7.2 | v2.6, v9.0 | 2002-07-23
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
nvd
CVE-2002-0677 | HIGH | CVSS 7.5 | v2.6 | 2002-07-23
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
nvd
CVE-2002-0573 | HIGH | CVSS 7.5 | v2.6, v7.0, +1 more | 2002-07-03
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
nvd
CVE-2002-0572 | HIGH | CVSS 7.2 | PoC | v2.5.1, v2.6, +2 more | 2002-07-03
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.
nvd
CVE-2002-0033 | CRITICAL | CVSS 10.0 | PoC | v2.5.1, v2.6, +2 more | 2002-05-29
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
nvd
CVE-2002-0158 | HIGH | CVSS 7.2 | PoC | v2.6, v7.0, +1 more | 2002-04-02
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.
nvd
CVE-2002-0090 | HIGH | CVSS 7.2 | v8.0 | 2002-03-15
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.
nvd
CVE-2002-0089 | HIGH | CVSS 7.2 | v2.6, v8.0 | 2002-03-15
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
nvd
CVE-2002-0084 | HIGH | CVSS 7.2 | v2.6, v8.0 | 2002-03-15
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
nvd
CVE-2002-0088 | HIGH | CVSS 7.2 | v2.6, v8.0 | 2002-03-15
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
nvd
CVE-2002-0085 | MEDIUM | CVSS 5.0 | v2.6, v8.0 | 2002-03-15
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
nvd
CVE-2001-1582 | HIGH | CVSS 7.2 | CWE-119 | PoC | v8.0 | 2001-12-31
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
nvd