| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Solaris SUNWadmap can be exploited to obtain root access. |
| The WorkMan program can be used to overwrite any file to get root access. |
| Solaris volrmmount program allows attackers to read any file. |
| nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
