Filtered by vendor Sun
Subscriptions
Filtered by product Sunos
Subscriptions
Total
609 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0064 | 4 Hp, Ibm, Sgi and 1 more | 5 Hp-ux, Aix, Irix and 2 more | 2024-08-08 | N/A |
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
CVE-2003-0027 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. | ||||
CVE-2003-0028 | 11 Cray, Freebsd, Gnu and 8 more | 15 Unicos, Freebsd, Glibc and 12 more | 2024-08-08 | N/A |
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | ||||
CVE-2004-2686 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. | ||||
CVE-2004-2306 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | ||||
CVE-2004-1767 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. | ||||
CVE-2004-1394 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges. | ||||
CVE-2004-1351 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. | ||||
CVE-2004-1393 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | ||||
CVE-2004-1359 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. | ||||
CVE-2004-1348 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). | ||||
CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | ||||
CVE-2004-1347 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request. | ||||
CVE-2004-1353 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges. | ||||
CVE-2004-1355 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | ||||
CVE-2004-1360 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | ||||
CVE-2004-1356 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. | ||||
CVE-2004-1352 | 1 Sun | 2 Solaris, Sunos | 2024-08-08 | N/A |
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. | ||||
CVE-2004-1307 | 11 Apple, Avaya, Conectiva and 8 more | 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more | 2024-08-08 | N/A |
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | ||||
CVE-2004-1180 | 3 Debian, Mandrakesoft, Sun | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-08-08 | N/A |
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). |