Sun Solaris vulnerabilities

CVE-1999-0320 [CRITICAL] CVE-1999-0320: SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

CVE-1999-0502 [HIGH] CVE-1999-0502: A Unix account has a default, null, blank, or missing password. A Unix account has a default, null, blank, or missing password.

CVE-1999-0296 [HIGH] CVE-1999-0296: Solaris volrmmount program allows attackers to read any file. Solaris volrmmount program allows attackers to read any file.

CVE-1999-0513 [MEDIUM] CVE-1999-0513: ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denia ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

CVE-1999-0210 [CRITICAL] CVE-1999-0210: Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

CVE-1999-0097 [CRITICAL] CVE-1999-0097: The AIX FTP client can be forced to execute commands from a malicious server through shell metachara The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

CVE-1999-0185 [HIGH] CVE-1999-0185: In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

CVE-1999-0300 [HIGH] CVE-1999-0300: nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.

CVE-1999-0295 [HIGH] CVE-1999-0295: Solaris sysdef command allows local users to read kernel memory, potentially leading to root privile Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.

CVE-1999-0024 [MEDIUM] CVE-1999-0024: DNS cache poisoning via BIND, by predictable query IDs. DNS cache poisoning via BIND, by predictable query IDs.

CVE-1999-1419 [HIGH] CVE-1999-1419: Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gai Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.

CVE-1999-1423 [LOW] CVE-1999-1423: ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping r ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

CVE-1999-0189 [HIGH] CVE-1999-0189: Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard po Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.

CVE-1999-1191 [HIGH] CVE-1999-1191: Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

CVE-1999-1402 [LOW] CVE-1999-1402: The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

CVE-1999-0040 [HIGH] CVE-1999-0040: Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

CVE-1999-0038 [HIGH] CWE-120 CVE-1999-0038: Buffer overflow in xlock program allows local users to execute commands as root. Buffer overflow in xlock program allows local users to execute commands as root.

CVE-1999-0315 [HIGH] CVE-1999-0315: Buffer overflow in Solaris fdformat command gives root access to local users. Buffer overflow in Solaris fdformat command gives root access to local users.

CVE-1999-0318 [HIGH] CVE-1999-0318: Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

CVE-1999-0369 [HIGH] CVE-1999-0369: The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root acc The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.