Sun Sunos vulnerabilities

CVE-2011-2291 [LOW] CVE-2011-2291: Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality via unkn Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality via unknown vectors related to Trusted Extensions.

CVE-2011-2258 [MEDIUM] CVE-2011-2258: Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect co Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rksh.

CVE-2011-2259 [MEDIUM] CVE-2011-2259: Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect av Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.

CVE-2011-2249 [MEDIUM] CVE-2011-2249: Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote authenticated users to affect Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote authenticated users to affect availability, related to TCP/IP.

CVE-2011-0841 [HIGH] CVE-2011-0841: Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availabilit Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP.

CVE-2011-0800 [MEDIUM] CVE-2011-0800: Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration Utilities.

CVE-2011-0813 [MEDIUM] CVE-2011-0813: Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect av Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2012-0098.

CVE-2011-0820 [MEDIUM] CVE-2011-0820: Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect ava Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel.

CVE-2011-0829 [MEDIUM] CVE-2011-0829: Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/SPARC.

CVE-2011-0821 [LOW] CVE-2011-0821: Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentialit Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp.

CVE-2011-0839 [LOW] CVE-2011-0839: Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect avail Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect availability, related to LOFS.

CVE-2011-0790 [LOW] CVE-2011-0790: Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality vi Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality via unknown vectors related to wbem.

CVE-2011-0812 [LOW] CVE-2011-0812: Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel.

CVE-2011-0801 [LOW] CVE-2011-0801: Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confident Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to cp.

CVE-2011-0412 [LOW] CWE-255 CVE-2011-0412: Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable per Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.

CVE-2010-4435 [CRITICAL] CVE-2010-4435: Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confident Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operatin

CVE-2010-2632 [HIGH] CVE-2010-2632: Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users

CVE-2010-4457 [HIGH] CVE-2010-4457: Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availabilit Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to SMB and CIFS.

CVE-2010-4443 [MEDIUM] CVE-2010-4443: Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.

CVE-2010-4458 [MEDIUM] CVE-2010-4458: Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, re Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS.