Sun

Sunos

561 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 16.82%
  • Veröffentlicht 14.06.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:11:13

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.

  • EPSS 1.23%
  • Veröffentlicht 16.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:20

Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.

  • EPSS 0.29%
  • Veröffentlicht 11.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:11

Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.

  • EPSS 1.39%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:46

The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.

  • EPSS 1.57%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:11:05

Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.

  • EPSS 0.42%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:11:49

Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges.

  • EPSS 0.33%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:28

Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.

  • EPSS 80.68%
  • Veröffentlicht 12.04.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:22

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have...

  • EPSS 20.32%
  • Veröffentlicht 12.04.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:23

Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench a...

  • EPSS 0.29%
  • Veröffentlicht 23.02.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:43

The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.