Filtered by vendor Sun
Total: 1705 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2018-10-30 | 7.5 HIGH | N/A |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | |||||
CVE-2007-0503 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors. | |||||
CVE-2007-0470 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. | |||||
CVE-2002-1590 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service. | |||||
CVE-2002-1589 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). | |||||
CVE-2007-0165 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.8 HIGH | N/A |
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind. | |||||
CVE-2002-1585 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic. | |||||
CVE-2006-7140 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.8 MEDIUM | N/A |
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339. | |||||
CVE-2006-6495 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 6.6 MEDIUM | N/A |
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494. | |||||
CVE-2006-6494 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 6.6 MEDIUM | N/A |
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers. | |||||
CVE-2006-6275 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.7 MEDIUM | N/A |
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals. | |||||
CVE-2008-0965 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2018-10-30 | 9.3 HIGH | N/A |
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. | |||||
CVE-2006-5214 | 2 Netbsd, Sun | 3 Netbsd, Solaris, Sunos | 2018-10-30 | 1.2 LOW | N/A |
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users. | |||||
CVE-2002-1323 | 5 Redhat, Safe.pm, Sco and 2 more | 9 Enterprise Linux, Linux Advanced Workstation, Safe.pm and 6 more | 2018-10-30 | 4.6 MEDIUM | N/A |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | |||||
CVE-2008-0964 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2018-10-30 | 9.3 HIGH | N/A |
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | |||||
CVE-2006-5073 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.8 HIGH | N/A |
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. | |||||
CVE-2008-1369 | 1 Sun | 2 Sparc Enterprise Server, Sunos | 2018-10-30 | 10.0 HIGH | N/A |
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors. | |||||
CVE-2006-4306 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. | |||||
CVE-2006-4307 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319. | |||||
CVE-1999-0410 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. |