Sun SunOS vulnerabilities
537 known vulnerabilities affecting sun/sunos.
Total CVEs: 537
CISA KEV: 0
Public exploits: 100
Exploited in wild: 0
Severity breakdown: CRITICAL 51, HIGH 178, MEDIUM 217, LOW 91
Vulnerabilities
Page 11 of 27
CVE-2008-2710 | HIGH | CVSS 7.2 | CWE-189 | ≤ - | 2008-06-16
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an o
nvd
CVE-2008-2708 | MEDIUM | CVSS 4.9 | v5.10 | 2008-06-16
Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files.
nvd
CVE-2008-2144 | CRITICAL | CVSS 10.0 | v5.8, v5.9, +1 more | 2008-05-12
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
nvd
CVE-2008-2121 | HIGH | CVSS 7.8 | CWE-16 | v5.8, v5.9, +1 more | 2008-05-09
The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack.
nvd
CVE-2008-1778 | MEDIUM | CVSS 6.6 | CWE-16 | v5.9, v5.10 | 2008-04-14
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.
nvd
CVE-2008-1480 | MEDIUM | CVSS 4.3 | PoC | v5.10 | 2008-03-24
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
nvd
CVE-2008-1369 | CRITICAL | CVSS 10.0 | CWE-264 | v5.10 | 2008-03-18
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.
nvd
CVE-2008-1095 | MEDIUM | CVSS 6.8 | CWE-264 | v5.8, v5.9, +1 more | 2008-02-29
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
nvd
CVE-2008-0269 | MEDIUM | CVSS 4.9 | v5.10 | 2008-01-15
Unspecified vulnerability in the dotoprocs function in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors.
nvd
CVE-2007-6216 | MEDIUM | CVSS 4.7 | CWE-362 | v5.10 | 2007-12-04
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs.
nvd
CVE-2007-5921 | MEDIUM | CVSS 4.7 | v5.9, v5.10 | 2007-11-10
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.
nvd
CVE-2007-5422 | MEDIUM | CVSS 4.9 | CWE-16 | v5.10 | 2007-10-12
Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors.
nvd
CVE-2007-5225 | MEDIUM | CVSS 4.9 | CWE-189 | PoC | v5.8, v5.9, +1 more | 2007-10-05
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
nvd
CVE-2007-4395 | HIGH | CVSS 7.6 | v5.8 | 2007-08-17
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.
nvd
CVE-2007-4310 | MEDIUM | CVSS 4.3 | v5.7, v5.8, +1 more | 2007-08-13
The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503.
nvd
CVE-2007-3717 | MEDIUM | CVSS 6.9 | v5.8, v5.9, +1 more | 2007-07-12
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
nvd
CVE-2007-3223 | HIGH | CVSS 7.8 | v5.10 | 2007-06-14
Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.
nvd
CVE-2007-3093 | CRITICAL | CVSS 10.0 | v5.8, v5.9, +1 more | 2007-06-06
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.
nvd
CVE-2007-3094 | CRITICAL | CVSS 9.0 | v5.8, v5.9, +1 more | 2007-06-06
Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.
nvd
CVE-2007-2882 | MEDIUM | CVSS 5.0 | v5.8, v5.9, +1 more | 2007-05-30
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.
nvd