Sun

Solaris

451 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.43%
  • Veröffentlicht 23.08.2006 19:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:49

Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.

  • EPSS 0.35%
  • Veröffentlicht 23.08.2006 19:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:49

Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than...

  • EPSS 1.28%
  • Veröffentlicht 23.08.2006 01:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:49

Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion).

  • EPSS 1.36%
  • Veröffentlicht 14.08.2006 23:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:30

Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries.

  • EPSS 1.5%
  • Veröffentlicht 14.08.2006 21:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:27

The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads")....

  • EPSS 1.25%
  • Veröffentlicht 01.08.2006 22:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:10

The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified.

  • EPSS 2.71%
  • Veröffentlicht 28.07.2006 22:04:00
  • Zuletzt bearbeitet 16.06.2026 22:28:05

The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.

Exploit
  • EPSS 0.99%
  • Veröffentlicht 25.07.2006 13:22:00
  • Zuletzt bearbeitet 16.06.2026 22:27:54

systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer over...

  • EPSS 0.44%
  • Veröffentlicht 25.07.2006 13:22:00
  • Zuletzt bearbeitet 16.06.2026 22:27:54

The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication.

  • EPSS 1.67%
  • Veröffentlicht 24.07.2006 12:19:00
  • Zuletzt bearbeitet 16.06.2026 22:27:47

Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of service (panic) via unspecified vectors involving the event port API.