| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. |
| Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function. |
| cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key. |
| Delete or create a file via rpc.statd, due to invalid information. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. |
| Sun's ftpd daemon can be subjected to a denial of service. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Buffer overflow in ffbconfig in Solaris 2.5.1. |
| Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. |
