Filtered by vendor Sun
Subscriptions
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-1413 | 1 Sun | 2 Solaris, Sunos | 2024-08-01 | N/A |
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. | ||||
CVE-1999-1587 | 1 Sun | 2 Solaris, Sunos | 2024-08-01 | N/A |
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option. | ||||
CVE-1999-1586 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. | ||||
CVE-1999-1527 | 1 Sun | 2 Forte, Netbeans Developer | 2024-08-01 | N/A |
Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server. | ||||
CVE-1999-1584 | 1 Sun | 2 Openwindows, Sunos | 2024-08-01 | N/A |
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586. | ||||
CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2024-08-01 | N/A |
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | ||||
CVE-1999-1507 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. | ||||
CVE-1999-1530 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2024-08-01 | N/A |
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. | ||||
CVE-1999-1506 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin. | ||||
CVE-1999-1467 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. | ||||
CVE-1999-1468 | 4 Cray, Next, Sgi and 1 more | 4 Unicos, Next, Irix and 1 more | 2024-08-01 | N/A |
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. | ||||
CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2024-08-01 | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | ||||
CVE-1999-1426 | 1 Sun | 1 Solstice Adminsuite | 2024-08-01 | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files. | ||||
CVE-1999-1432 | 1 Sun | 2 Solaris, Sunos | 2024-08-01 | N/A |
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges. | ||||
CVE-1999-1449 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device. | ||||
CVE-1999-1423 | 1 Sun | 2 Solaris, Sunos | 2024-08-01 | N/A |
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. | ||||
CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2024-08-01 | N/A |
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | ||||
CVE-1999-1438 | 1 Sun | 1 Sunos | 2024-08-01 | N/A |
Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | ||||
CVE-1999-1419 | 1 Sun | 2 Solaris, Sunos | 2024-08-01 | N/A |
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges. | ||||
CVE-1999-1427 | 1 Sun | 1 Solstice Adminsuite | 2024-08-01 | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges. |