Filtered by vendor Sun
Subscribe
Total
1709 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1425 | 1 Sun | 1 Solstice Adminsuite | 2024-02-04 | 6.2 MEDIUM | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd. | |||||
CVE-1999-0302 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. | |||||
CVE-2002-0885 | 2 Caldera, Sun | 3 Openunix, Unixware, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error. | |||||
CVE-2002-0573 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. | |||||
CVE-1999-0315 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in Solaris fdformat command gives root access to local users. | |||||
CVE-2001-0077 | 1 Sun | 1 Cluster | 2024-02-04 | 5.0 MEDIUM | N/A |
The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations. | |||||
CVE-2004-1358 | 1 Sun | 1 Solaris | 2024-02-04 | 5.0 MEDIUM | N/A |
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. | |||||
CVE-2001-0249 | 1 Sun | 2 Solaris, Sunos | 2024-02-02 | 10.0 HIGH | 9.8 CRITICAL |
Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | |||||
CVE-2003-0411 | 1 Sun | 1 One Application Server | 2024-02-02 | 5.0 MEDIUM | 7.5 HIGH |
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension. |