Sun Solaris vulnerabilities

429 known vulnerabilities affecting sun/solaris.

Total CVEs

429

CISA KEV

Public exploits

102

Exploited in wild

Severity breakdown

CRITICAL49HIGH153MEDIUM172LOW55

Vulnerabilities

Page 20 of 22

CVE-1999-0952HIGHCVSS 7.2v2.61999-01-28

CVE-1999-0952 [HIGH] CVE-1999-0952: Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.

nvd

CVE-1999-0442LOWCVSS 2.1PoCv2.5v2.5.1+2 more1999-01-07

CVE-1999-0442 [LOW] CVE-1999-0442: Solaris ff.core allows local users to modify files. Solaris ff.core allows local users to modify files.

nvd

CVE-1999-0188HIGHCVSS 7.2v2.4v2.5+2 more1998-12-17

CVE-1999-0188 [HIGH] CVE-1999-0188: The passwd command in Solaris can be subjected to a denial of service. The passwd command in Solaris can be subjected to a denial of service.

nvd

CVE-1999-0139HIGHCVSS 7.2v2.5v2.5.1+1 more1998-12-12

CVE-1999-0139 [HIGH] CVE-1999-0139: Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.

nvd

CVE-1999-1025MEDIUMCVSS 4.6v2.61998-11-12

CVE-1999-1025 [MEDIUM] CVE-1999-1025: CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's co CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.

nvd

CVE-1999-0254CRITICALCVSS 10.0v2.61998-11-02

CVE-1999-0254 [CRITICAL] CVE-1999-0254: A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtai A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.

nvd

CVE-1999-0186CRITICALCVSS 10.0v2.61998-10-01

CVE-1999-0186 [CRITICAL] CVE-1999-0186: In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.

nvd

CVE-1999-0302HIGHCVSS 7.5v2.61998-09-01

CVE-1999-0302 [HIGH] CVE-1999-0302: SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.

nvd

CVE-1999-0065HIGHCVSS 7.5v2.4v2.5+2 more1998-08-31

CVE-1999-0065 [HIGH] CVE-1999-0065: Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute comm Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.

nvd

CVE-1999-0339HIGHCVSS 7.2v2.5v2.5.1+1 more1998-08-01

CVE-1999-0339 [HIGH] CVE-1999-0339: Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

nvd

CVE-1999-1432HIGHCVSS 7.5PoCv2.4v2.5+2 more1998-07-16

CVE-1999-1432 [HIGH] CVE-1999-1432: Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.

nvd

CVE-1999-0213CRITICALCVSS 10.0v2.61998-07-15

CVE-1999-0213 [CRITICAL] CVE-1999-0213: libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.

nvd

CVE-1999-0054MEDIUMCVSS 5.0v2.4v2.5+2 more1998-06-10

CVE-1999-0054 [MEDIUM] CVE-1999-0054: Sun's ftpd daemon can be subjected to a denial of service. Sun's ftpd daemon can be subjected to a denial of service.

nvd

CVE-1999-0008CRITICALCVSS 10.0v2.61998-06-08

CVE-1999-0008 [CRITICAL] CVE-1999-0008: Buffer overflow in NIS+, in Sun's rpc.nisd program. Buffer overflow in NIS+, in Sun's rpc.nisd program.

nvd

CVE-1999-0303MEDIUMCVSS 4.6v1.1.3v1.1.4+2 more1998-05-21

CVE-1999-0303 [MEDIUM] CVE-1999-0303: Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

nvd

CVE-1999-1027HIGHCVSS 7.2v2.61998-05-07

CVE-1999-1027 [HIGH] CVE-1999-1027: Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to g Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program.

nvd

CVE-1999-0009CRITICALCVSS 10.0PoCv2.5v2.5.1+1 more1998-04-08

CVE-1999-0009 [CRITICAL] CVE-1999-0009: Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

nvd

CVE-1999-0190HIGHCVSS 7.2v2.4v2.5+2 more1998-04-08

CVE-1999-0190 [HIGH] CVE-1999-0190: Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.

nvd

CVE-1999-0003CRITICALCVSS 10.0PoCv2.61998-04-01

CVE-1999-0003 [CRITICAL] CVE-1999-0003: Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

nvd

CVE-1999-1118LOWCVSS 2.1v2.61998-03-11

CVE-1999-1118 [LOW] CVE-1999-1118: ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP param ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.

nvd

← Previous20 / 22Next →