Sun Solaris vulnerabilities

429 known vulnerabilities affecting sun/solaris.

Total CVEs: 429
CISA KEV: 0
Public exploits: 98
Exploited in wild: 0
Severity breakdown: CRITICAL 49, HIGH 153, MEDIUM 172, LOW 55

Vulnerabilities

Page 5 of 22
CVE-2008-0965 | CRITICAL | CVSS 9.3 | v8, v9 +1 more | 2008-08-08
CVE-2008-0965 [CRITICAL] CWE-134: Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
nvd
CVE-2008-3549 | MEDIUM | CVSS 4.7 | v10 | 2008-08-07
CVE-2008-3549 [MEDIUM] CWE-399: Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors.
nvd
CVE-2008-3426 | LOW | CVSS 2.1 | v8, v9 +1 more | 2008-07-31
CVE-2008-3426 [LOW]: Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru.
nvd
CVE-2008-2946 | HIGH | CVSS 7.8 | v8, v9 +1 more | 2008-06-30
CVE-2008-2946 [HIGH] CWE-399: The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.
nvd
CVE-2008-2710 | HIGH | CVSS 7.2 | ≤ 10 | 2008-06-16
CVE-2008-2710 [HIGH] CWE-189: Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an o
nvd
CVE-2008-2706 | MEDIUM | CVSS 4.9 | v10 | 2008-06-16
CVE-2008-2706 [MEDIUM] CWE-399: Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference.
nvd
CVE-2008-2538 | MEDIUM | CVSS 6.9 | v8, v9 +1 more | 2008-06-03
CVE-2008-2538 [MEDIUM] CWE-362: Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.
nvd
CVE-2008-2418 | MEDIUM | CVSS 4.7 | v10 | 2008-05-23
CVE-2008-2418 [MEDIUM] CWE-362: Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
nvd
CVE-2008-2089 | HIGH | CVSS 7.8 | v10 | 2008-05-06
CVE-2008-2089 [HIGH] CWE-16: Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.
nvd
CVE-2008-2090 | HIGH | CVSS 7.8 | v10 | 2008-05-06
CVE-2008-2090 [HIGH] CWE-399: Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.
nvd
CVE-2008-1779 | MEDIUM | CVSS 6.8 | v8, v9 +1 more | 2008-04-14
CVE-2008-1779 [MEDIUM] CWE-399: Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.
nvd
CVE-2008-1780 | MEDIUM | CVSS 4.6 | v10 | 2008-04-14
CVE-2008-1780 [MEDIUM] CWE-264: Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors.
nvd
CVE-2008-1684 | MEDIUM | CVSS 4.7 | v10 | 2008-04-06
CVE-2008-1684 [MEDIUM] CWE-59: inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.
nvd
CVE-2008-1480 | MEDIUM | CVSS 4.3 | PoC | v10 | 2008-03-24
CVE-2008-1480 [MEDIUM]: rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
nvd
CVE-2008-1356 | MEDIUM | CVSS 6.3 | v10 | 2008-03-17
CVE-2008-1356 [MEDIUM] CWE-287: Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash.
nvd
CVE-2008-1317 | MEDIUM | CVSS 4.9 | v10 | 2008-03-13
CVE-2008-1317 [MEDIUM]: Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues.
nvd
CVE-2008-1205 | MEDIUM | CVSS 4.9 | v10 | 2008-03-08
CVE-2008-1205 [MEDIUM]: Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors.
nvd
CVE-2008-1115 | MEDIUM | CVSS 4.9 | v8 | 2008-03-03
CVE-2008-1115 [MEDIUM] CWE-78: Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands.
nvd
CVE-2008-1095 | MEDIUM | CVSS 6.8 | v8, v9 +1 more | 2008-02-29
CVE-2008-1095 [MEDIUM] CWE-264: Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
nvd
CVE-2008-0938 | MEDIUM | CVSS 4.7 | v10 | 2008-02-25
CVE-2008-0938 [MEDIUM]: Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126.
nvd