Sun

Sunos

561 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2002-1345

  • EPSS 2.13%
  • Veröffentlicht 23.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.

7.5

CVE-2002-1317

  • EPSS 42.48%
  • Veröffentlicht 11.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

4.6

CVE-2002-1323

  • EPSS 0.08%
  • Veröffentlicht 11.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

2.1

CVE-2002-1587

  • EPSS 0.07%
  • Veröffentlicht 04.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.

2.1

CVE-2002-1586

  • EPSS 0.07%
  • Veröffentlicht 03.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.

5

CVE-2002-1585

  • EPSS 0.74%
  • Veröffentlicht 08.11.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic.

7.2

CVE-2002-1590

  • EPSS 0.04%
  • Veröffentlicht 29.10.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local u...

5

CVE-2002-1199

  • EPSS 2.14%
  • Veröffentlicht 28.10.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

5

CVE-2002-1228

  • EPSS 0.7%
  • Veröffentlicht 28.10.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.

2.1

CVE-2002-1589

  • EPSS 0.07%
  • Veröffentlicht 24.10.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic).