| CVE | Vendors | Products | Updated | CVSS v3.1 |
| The SunView (SunTools) selection_svc facility allows remote users to read files. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. |
| Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code. |
| Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed. |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. |
| The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| A version of rusers is running that exposes valid user information to any entity on the network. |
| In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| Land IP denial of service. |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. |
| rpc.admind in Solaris is not running in a secure mode. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
| Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| Denial of service in BIND named via malformed SIG records. |