SUN: Security Vulnerabilities, CVEs, CVSS score between 4 and 4.99
Buffer overflow in SGI IRIX mailx program.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1998-01-25; Updated: 2018-10-30
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
Max CVSS: 4.6; EPSS Score: 0.05%; Published: 1996-12-03; Updated: 2022-08-17
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1996-02-21; Updated: 2022-08-17
In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1991-12-06; Updated: 2022-08-17
Solaris SUNWadmap can be exploited to obtain root access.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1998-07-16; Updated: 2018-10-30
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1998-05-21; Updated: 2022-08-17
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1999-02-10; Updated: 2018-10-30
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
Max CVSS: 4.6; EPSS Score: 0.05%; Published: 1999-08-09; Updated: 2018-10-30
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1999-09-22; Updated: 2018-10-30
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1999-09-13; Updated: 2018-10-30
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
Max CVSS: 4.6; EPSS Score: 0.05%; Published: 1999-06-10; Updated: 2018-10-30
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
Max CVSS: 4.6; EPSS Score: 0.29%; Published: 1998-11-12; Updated: 2018-10-30
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.
Max CVSS: 4.6; EPSS Score: 0.06%; Published: 1989-07-26; Updated: 2018-05-03
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 1996-08-03; Updated: 2018-10-30
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.
Max CVSS: 4.6; EPSS Score: 0.05%; Published: 2000-04-16; Updated: 2008-09-10
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2001-08-14; Updated: 2018-05-03
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2001-08-14; Updated: 2018-10-30
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
Max CVSS: 4.6; EPSS Score: 0.05%; Published: 2001-08-14; Updated: 2018-10-30
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2001-08-02; Updated: 2018-10-30
Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2001-08-02; Updated: 2018-10-30
Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2001-09-20; Updated: 2018-05-03
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2001-12-31; Updated: 2018-10-30
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
Max CVSS: 4.6; EPSS Score: 0.13%; Published: 2002-12-11; Updated: 2018-10-30
The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2002-12-31; Updated: 2018-10-30
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.
Max CVSS: 4.6; EPSS Score: 0.04%; Published: 2002-12-31; Updated: 2008-09-05