Sun Sunos vulnerabilities

CVE-2003-1056 [HIGH] CVE-2003-1056: The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary file The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

CVE-2003-1057 [HIGH] CVE-2003-1057: Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow loca Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.

CVE-2003-1058 [LOW] CVE-2003-1058: The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, al The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.

CVE-2003-1059 [HIGH] CVE-2003-1059: Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.

CVE-2003-1060 [MEDIUM] CVE-2003-1060: The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS pan The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

CVE-2003-1061 [LOW] CVE-2003-1061: Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel pani Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.

CVE-2003-0694 [CRITICAL] CVE-2003-0694: The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

CVE-2003-1081 [CRITICAL] CWE-264 CVE-2003-1081: Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .a Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.

CVE-2003-0609 [HIGH] CVE-2003-0609: Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local us Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

CVE-2003-0669 [LOW] CVE-2003-0669: Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.

CVE-2003-1063 [HIGH] CVE-2003-1063: The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2. The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.

CVE-2003-1065 [LOW] CVE-2003-1065: Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Sol Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).

CVE-2003-1055 [HIGH] CVE-2003-1055: Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain r Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup.

CVE-2003-1067 [HIGH] CVE-2003-1067: Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.

CVE-2003-1068 [HIGH] CVE-2003-1068: Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

CVE-2003-1069 [MEDIUM] CVE-2003-1069: The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial o The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

CVE-2003-0196 [CRITICAL] CVE-2003-0196: Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary cod Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

CVE-2003-0201 [CRITICAL] CVE-2003-0201: Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 an Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

CVE-2003-1070 [MEDIUM] CVE-2003-1070: Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).

CVE-2003-1072 [LOW] CVE-2003-1072: Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory c Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).