Total
99 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0872 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 6.8 MEDIUM | N/A |
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. | |||||
CVE-2008-5010 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 10.0 HIGH | N/A |
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. | |||||
CVE-2009-0277 | 1 Sun | 2 Opensolaris, Ultrasparc | 2024-02-04 | 7.8 HIGH | N/A |
Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC T2 and T2+ sun4v platforms allows local users to cause a denial of service (panic) via unknown vectors. | |||||
CVE-2009-0167 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." | |||||
CVE-2009-3432 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 1.9 LOW | N/A |
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. | |||||
CVE-2009-0477 | 1 Sun | 1 Opensolaris | 2024-02-04 | 7.2 HIGH | N/A |
Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. | |||||
CVE-2008-5133 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 5.8 MEDIUM | N/A |
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. | |||||
CVE-2008-5661 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 5.4 MEDIUM | N/A |
The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | |||||
CVE-2009-0924 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712. | |||||
CVE-2008-2708 | 1 Sun | 2 Opensolaris, Sunos | 2024-02-04 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files. | |||||
CVE-2008-5699 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.6 MEDIUM | N/A |
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors. | |||||
CVE-2008-5111 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function. | |||||
CVE-2009-0923 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 7.8 HIGH | N/A |
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server. | |||||
CVE-2009-0870 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.7 MEDIUM | N/A |
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. | |||||
CVE-2009-0168 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. | |||||
CVE-2008-3839 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the NFS module in the kernel in Sun Solaris 10 and OpenSolaris snv_59 through snv_87, when configured as an NFS server without the nodevices option, allows local users to cause a denial of service (panic) via unspecified vectors. | |||||
CVE-2009-0873 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-02-04 | 6.8 MEDIUM | N/A |
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." | |||||
CVE-2009-3937 | 1 Sun | 1 Opensolaris | 2024-02-04 | 4.9 MEDIUM | N/A |
Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through snv_126 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors involving tcp_sendmsg processing "ancillary data." | |||||
CVE-2009-0346 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 4.9 MEDIUM | N/A |
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | |||||
CVE-2009-3000 | 1 Sun | 2 Opensolaris, Solaris | 2024-02-04 | 7.1 HIGH | N/A |
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling." |