Sun Solaris vulnerabilities

CVE-1999-0051 [HIGH] CVE-1999-0051: Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

CVE-1999-1026 [HIGH] CVE-1999-1026: aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.

CVE-1999-0129 [MEDIUM] CVE-1999-0129: Sendmail allows local users to write to a file and gain group permissions via a .forward or :include Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

CVE-1999-0132 [LOW] CVE-1999-0132: Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root acce Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.

CVE-1999-1413 [MEDIUM] CVE-1999-1413: Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.

CVE-1999-0135 [HIGH] CVE-1999-0135: admintool in Solaris allows a local user to write to arbitrary files and gain root access. admintool in Solaris allows a local user to write to arbitrary files and gain root access.

CVE-1999-0022 [HIGH] CWE-125 CVE-1999-0022: Local user gains root privileges via buffer overflow in rdist, via expstr() function. Local user gains root privileges via buffer overflow in rdist, via expstr() function.

CVE-1999-0241 [CRITICAL] CVE-1999-0241: Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.

CVE-1999-0099 [CRITICAL] CVE-1999-0099: Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.