Sun

Solaris

451 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2007-0470

  • EPSS 0.06%
  • Published 24.01.2007 01:28:00
  • Last modified 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

4.6

CVE-2007-0393

  • EPSS 0.07%
  • Published 19.01.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

7.8

CVE-2007-0165

  • EPSS 10.23%
  • Published 10.01.2007 00:28:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.

6.6

CVE-2006-6494

  • EPSS 0.04%
  • Published 13.12.2006 01:28:00
  • Last modified 09.04.2025 00:30:58

Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format stri...

6.6

CVE-2006-6495

  • EPSS 0.06%
  • Published 13.12.2006 01:28:00
  • Last modified 09.04.2025 00:30:58

Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally ...

4.7

CVE-2006-6275

  • EPSS 0.05%
  • Published 04.12.2006 11:28:00
  • Last modified 09.04.2025 00:30:58

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.

4.9

CVE-2006-5726

Exploit
  • EPSS 0.26%
  • Published 06.11.2006 17:07:00
  • Last modified 09.04.2025 00:30:58

alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures.

4.9

CVE-2006-5396

  • EPSS 0.07%
  • Published 18.10.2006 19:07:00
  • Last modified 09.04.2025 00:30:58

The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system.

3.6

CVE-2006-4842

  • EPSS 10.7%
  • Published 12.10.2006 00:07:00
  • Last modified 09.04.2025 00:30:58

The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrar...

4

CVE-2006-5201

  • EPSS 3.82%
  • Published 10.10.2006 04:06:00
  • Last modified 09.04.2025 00:30:58

Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (...