Filtered by vendor Sun
Subscriptions
Filtered by product Sunos
Subscriptions
Total
609 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0481 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. | ||||
CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
CVE-2011-0821 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp. | ||||
CVE-2001-1555 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. | ||||
CVE-2002-2327 | 1 Sun | 2 Sun Fire, Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. | ||||
CVE-1999-1585 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. | ||||
CVE-2011-0801 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to cp. | ||||
CVE-2009-4191 | 1 Sun | 2 Opensolaris, Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
CVE-2011-0800 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration Utilities. | ||||
CVE-2002-2197 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. | ||||
CVE-2011-0790 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality via unknown vectors related to wbem. | ||||
CVE-2011-0829 | 1 Sun | 1 Sunos | 2024-09-16 | N/A |
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/SPARC. | ||||
CVE-2002-2203 | 1 Sun | 2 Solaris, Sunos | 2024-09-16 | N/A |
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. | ||||
CVE-2011-0820 | 1 Sun | 1 Sunos | 2024-09-16 | N/A |
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel. | ||||
CVE-2011-3337 | 4 Eeye, Hp, Sgi and 1 more | 5 Digital Security Audits, Retina Network Security Scanner, Hp-ux and 2 more | 2024-09-16 | N/A |
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/. | ||||
CVE-2011-0812 | 1 Sun | 1 Sunos | 2024-09-16 | N/A |
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel. | ||||
CVE-2011-0841 | 1 Sun | 1 Sunos | 2024-09-16 | N/A |
Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP. | ||||
CVE-2013-3750 | 1 Sun | 1 Sunos | 2024-09-16 | N/A |
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/VM | ||||
CVE-2010-4785 | 4 Ibm, Linux, Microsoft and 1 more | 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more | 2024-09-16 | N/A |
The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | ||||
CVE-2008-7300 | 1 Sun | 2 Opensolaris, Sunos | 2024-09-16 | N/A |
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone. |