| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. |
| Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. |
| Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference. |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. |
| Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors. |
| Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. |
| Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. |
| Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. |
| Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Buffer overflow in statd allows root privileges. |
| Command execution in Sun systems via buffer overflow in the at program. |
| Denial of service by sending forged ICMP unreachable packets. |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Solaris ufsrestore buffer overflow. |
| Buffer overflow in SGI IRIX mailx program. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
