Filtered by vendor Sun
Subscriptions
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0701 | 1 Sun | 1 Ray Server Software | 2024-08-08 | N/A |
Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access. | ||||
CVE-2004-0653 | 1 Sun | 1 Solaris | 2024-08-08 | N/A |
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. | ||||
CVE-2004-0651 | 1 Sun | 2 Jre, Sdk | 2024-08-08 | N/A |
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). | ||||
CVE-2004-0654 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). | ||||
CVE-2004-0523 | 5 Mit, Redhat, Sgi and 2 more | 8 Kerberos, Kerberos 5, Enterprise Linux and 5 more | 2024-08-08 | N/A |
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | ||||
CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2024-08-08 | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | ||||
CVE-2004-0360 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors. | ||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-08-08 | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||||
CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2024-08-08 | 7.5 High |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2024-08-08 | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||||
CVE-2005-4806 | 1 Sun | 1 Java System Web Proxy Server | 2024-08-08 | N/A |
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors. | ||||
CVE-2005-4795 | 1 Sun | 1 Sunos | 2024-08-08 | N/A |
Unspecified vulnerability in the multi-language environment library (libmle) in Solaris 7 and 8, as shipped with the Japanese locale, allows local users to gain privileges via unknown attack vectors. | ||||
CVE-2005-4804 | 1 Sun | 1 Java System Application Server | 2024-08-08 | N/A |
Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications. | ||||
CVE-2005-4797 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command. | ||||
CVE-2005-4706 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function. | ||||
CVE-2005-4701 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx. | ||||
CVE-2005-4552 | 1 Sun | 1 Solaris Pc Netlink | 2024-08-07 | N/A |
The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 create temporary files insecurely, which allows local users to gain privileges. | ||||
CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2024-08-07 | N/A |
Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. | ||||
CVE-2005-4133 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | ||||
CVE-2005-4045 | 1 Sun | 1 Java Communications Services Delegated Administrator | 2024-08-07 | N/A |
Unspecified vulnerability in System Communications Services 6 Delegated Administrator 2005Q1 in Sun Java System Messaging Server 2005Q1 allows remote attackers to obtain the Top-Level Administrator (TLA) default password via unknown vectors, possibly involving configure_toplevel_admin.ldif. |