Sun Sunos vulnerabilities
537 known vulnerabilities affecting sun/sunos.
Total CVEs
537
CISA KEV
0
Public exploits
105
Exploited in wild
0
Severity breakdown
CRITICAL51HIGH178MEDIUM217LOW91
Vulnerabilities
Page 15 of 27
CVE-2004-1352HIGHCVSS 7.2v5.7v5.82004-12-01
CVE-2004-1352 [HIGH] CVE-2004-1352: Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbit
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.
nvd
CVE-2004-0360HIGHCVSS 7.2PoCv5.82004-11-23
CVE-2004-0360 [HIGH] CVE-2004-0360: Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
nvd
CVE-2004-1353HIGHCVSS 7.2v5.82004-10-19
CVE-2004-1353 [HIGH] CVE-2004-1353: Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), a
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges.
nvd
CVE-2004-1348MEDIUMCVSS 5.0v5.82004-09-06
CVE-2004-1348 [MEDIUM] CVE-2004-1348: Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
nvd
CVE-2004-0800MEDIUMCVSS 4.6v5.82004-08-24
CVE-2004-0800 [MEDIUM] CVE-2004-0800: Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain pri
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
nvd
CVE-2004-0523CRITICALCVSS 10.0v5.82004-08-18
CVE-2004-0523 [CRITICAL] CVE-2004-0523: Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier all
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
nvd
CVE-2004-0654LOWCVSS 2.1v5.7v5.82004-08-06
CVE-2004-0654 [LOW] CVE-2004-0654: Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Admini
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
nvd
CVE-2004-1354MEDIUMCVSS 5.0v5.82004-05-14
CVE-2004-1354 [MEDIUM] CWE-22 CVE-2004-1354: The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages w
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.
nvd
CVE-2004-1355LOWCVSS 2.1v5.92004-04-26
CVE-2004-1355 [LOW] CVE-2004-1355: Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a deni
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
nvd
CVE-2004-1356LOWCVSS 2.1v5.82004-04-23
CVE-2004-1356 [LOW] CVE-2004-1356: Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
nvd
CVE-2004-1359MEDIUMCVSS 4.6v5.7v5.82004-03-04
CVE-2004-1359 [MEDIUM] CVE-2004-1359: Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbi
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
nvd
CVE-2004-1180MEDIUMCVSS 5.0v5.92004-02-16
CVE-2004-1180 [MEDIUM] CVE-2004-1180: Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
nvd
CVE-2004-1082HIGHCVSS 7.5v5.82004-02-03
CVE-2004-1082 [HIGH] CVE-2004-1082: mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
nvd
CVE-2003-1024HIGHCVSS 7.2v5.82004-01-20
CVE-2003-1024 [HIGH] CVE-2003-1024: Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.
nvd
CVE-2003-0999HIGHCVSS 7.2v5.7v5.82004-01-05
CVE-2003-0999 [HIGH] CVE-2003-0999: Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
nvd
CVE-2003-1076HIGHCVSS 7.2v5.7v5.82003-12-31
CVE-2003-1076 [HIGH] CVE-2003-1076: Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of se
Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.
nvd
CVE-2003-1082HIGHCVSS 7.2v5.7v5.82003-12-31
CVE-2003-1082 [HIGH] CVE-2003-1082: Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges,
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068.
nvd
CVE-2003-1066MEDIUMCVSS 5.0v5.7v5.82003-12-31
CVE-2003-1066 [MEDIUM] CVE-2003-1066: Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a de
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.
nvd
CVE-2003-1073LOWCVSS 1.2PoCv5.5v5.5.1+2 more2003-12-31
CVE-2003-1073 [LOW] CVE-2003-1073: A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.
nvd
CVE-2003-0914MEDIUMCVSS 4.3v5.7v5.82003-12-15
CVE-2003-0914 [MEDIUM] CVE-2003-0914: ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
nvd