Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0526 1 Sun 1 Solaris 2024-11-20 N/A
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
CVE-2001-0470 1 Sun 1 Sunos 2024-11-20 N/A
Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.
CVE-2001-0426 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable.
CVE-2001-0423 1 Sun 1 Solaris 2024-11-20 N/A
Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093.
CVE-2001-0422 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
CVE-2001-0421 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
CVE-2001-0404 1 Sun 1 Javaserver Web Dev Kit 2024-11-20 N/A
Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.
CVE-2001-0403 1 Sun 1 Sunos 2024-11-20 N/A
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.
CVE-2001-0401 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
CVE-2001-0353 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.
CVE-2001-0283 1 Sun 1 Sun Ftp 2024-11-20 N/A
Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAME, or (5) PUT.
CVE-2001-0269 1 Sun 1 Sunos 2024-11-20 N/A
pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.
CVE-2001-0236 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.
CVE-2001-0229 1 Sun 1 Chilisoft 2024-11-20 N/A
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.
CVE-2001-0190 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
CVE-2001-0165 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.
CVE-2001-0124 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
CVE-2001-0115 1 Sun 2 Solaris, Sunos 2024-11-20 N/A
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
CVE-2001-0095 1 Sun 1 Sunos 2024-11-20 N/A
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
CVE-2001-0078 1 Sun 1 Cluster 2024-11-20 N/A
in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.