Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Sunos
Total 618 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1158 1 Sun 1 Sunos 2024-11-20 7.2 HIGH N/A
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.
CVE-1999-1142 1 Sun 1 Sunos 2024-11-20 7.2 HIGH N/A
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
CVE-1999-1137 1 Sun 2 Solaris, Sunos 2024-11-20 2.1 LOW N/A
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
CVE-1999-1123 1 Sun 1 Sunos 2024-11-20 7.2 HIGH N/A
The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
CVE-1999-1122 1 Sun 1 Sunos 2024-11-20 4.6 MEDIUM N/A
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.
CVE-1999-1102 4 Apple, Bsd, Sgi and 1 more 4 A Ux, Bsd, Irix and 1 more 2024-11-20 2.1 LOW N/A
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
CVE-1999-1080 1 Sun 1 Sunos 2024-11-20 7.2 HIGH N/A
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
CVE-1999-1025 1 Sun 2 Solaris, Sunos 2024-11-20 4.6 MEDIUM N/A
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
CVE-1999-1023 1 Sun 1 Sunos 2024-11-20 4.6 MEDIUM N/A
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
CVE-1999-1021 1 Sun 1 Sunos 2024-11-20 7.2 HIGH N/A
NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.
CVE-1999-1014 1 Sun 2 Solaris, Sunos 2024-11-20 4.6 MEDIUM N/A
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
CVE-1999-0977 1 Sun 2 Solaris, Sunos 2024-11-20 10.0 HIGH N/A
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
CVE-1999-0974 1 Sun 2 Solaris, Sunos 2024-11-20 10.0 HIGH N/A
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVE-1999-0973 1 Sun 2 Solaris, Sunos 2024-11-20 10.0 HIGH N/A
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
CVE-1999-0966 1 Sun 1 Sunos 2024-11-20 7.2 HIGH N/A
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
CVE-1999-0952 1 Sun 2 Solaris, Sunos 2024-11-20 7.2 HIGH N/A
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
CVE-1999-0949 3 Sgi, Sun, Turbolinux 4 Irix, Solaris, Sunos and 1 more 2024-11-20 7.2 HIGH N/A
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
CVE-1999-0948 3 Sgi, Sun, Turbolinux 4 Irix, Solaris, Sunos and 1 more 2024-11-20 7.2 HIGH N/A
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
CVE-1999-0908 1 Sun 2 Solaris, Sunos 2024-11-20 5.0 MEDIUM N/A
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
CVE-1999-0875 2 Microsoft, Sun 5 Windows 2000, Windows 95, Windows 98se and 2 more 2024-11-20 7.5 HIGH N/A
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.