Sun Sunos vulnerabilities

CVE-1999-0011 [MEDIUM] CWE-1067 CVE-1999-0011: Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

CVE-1999-0010 [MEDIUM] CVE-1999-0010: Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

CVE-1999-0003 [CRITICAL] CVE-1999-0003: Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

CVE-1999-0320 [CRITICAL] CVE-1999-0320: SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

CVE-1999-0502 [HIGH] CVE-1999-0502: A Unix account has a default, null, blank, or missing password. A Unix account has a default, null, blank, or missing password.

CVE-1999-0513 [MEDIUM] CVE-1999-0513: ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denia ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

CVE-1999-0273 [MEDIUM] CVE-1999-0273: Denial of service through Solaris 2.5.1 telnet by sending ^D characters. Denial of service through Solaris 2.5.1 telnet by sending ^D characters.

CVE-1999-0104 [MEDIUM] CVE-1999-0104: A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.

CVE-1999-0017 [HIGH] CVE-1999-0017: FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP clien FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

CVE-1999-0210 [CRITICAL] CVE-1999-0210: Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

CVE-1999-0097 [CRITICAL] CVE-1999-0097: The AIX FTP client can be forced to execute commands from a malicious server through shell metachara The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

CVE-1999-0185 [HIGH] CVE-1999-0185: In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

CVE-1999-0300 [HIGH] CVE-1999-0300: nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.

CVE-1999-0295 [HIGH] CVE-1999-0295: Solaris sysdef command allows local users to read kernel memory, potentially leading to root privile Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.

CVE-1999-0024 [MEDIUM] CVE-1999-0024: DNS cache poisoning via BIND, by predictable query IDs. DNS cache poisoning via BIND, by predictable query IDs.

CVE-1999-1419 [HIGH] CVE-1999-1419: Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gai Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.

CVE-1999-1423 [LOW] CVE-1999-1423: ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping r ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

CVE-1999-1192 [HIGH] CVE-1999-1192: Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges vi Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

CVE-1999-0033 [HIGH] CVE-1999-0033: Command execution in Sun systems via buffer overflow in the at program. Command execution in Sun systems via buffer overflow in the at program.

CVE-1999-0189 [HIGH] CVE-1999-0189: Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard po Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.