- EPSS 1.59%
- Veröffentlicht 27.01.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:28
Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.
CVE-2003-1071
- EPSS 1.07%
- Veröffentlicht 03.01.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:28
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.
CVE-2002-1871
- EPSS 0.35%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:12
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.
CVE-2002-1980
- EPSS 0.47%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:25
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.
CVE-2002-2089
- EPSS 0.44%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:38
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.
CVE-2002-2197
- EPSS 0.38%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:49
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
CVE-2002-2203
- EPSS 0.33%
- Veröffentlicht 31.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:00:50
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.
- EPSS 5.66%
- Veröffentlicht 27.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:35
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
CVE-2002-1296
- EPSS 0.62%
- Veröffentlicht 23.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:04
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
- EPSS 2.78%
- Veröffentlicht 23.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:08
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.