Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread."
Max CVSS
5.0
EPSS Score
1.84%
Published
2009-11-25
Updated
2017-08-17
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.
Max CVSS
5.0
EPSS Score
1.04%
Published
2009-06-11
Updated
2017-09-29
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.
Max CVSS
5.0
EPSS Score
2.72%
Published
2009-01-26
Updated
2017-09-29
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors.
Max CVSS
5.4
EPSS Score
1.87%
Published
2009-02-02
Updated
2017-08-08
Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session).
Max CVSS
5.0
EPSS Score
1.14%
Published
2008-12-19
Updated
2017-09-29
The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference.
Max CVSS
5.4
EPSS Score
1.34%
Published
2008-12-17
Updated
2017-08-08
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.
Max CVSS
5.8
EPSS Score
0.27%
Published
2008-11-18
Updated
2017-08-08
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.
Max CVSS
5.0
EPSS Score
5.73%
Published
2007-05-30
Updated
2018-10-30
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
Max CVSS
5.8
EPSS Score
1.09%
Published
2007-03-07
Updated
2018-10-30
Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries.
Max CVSS
5.4
EPSS Score
0.42%
Published
2006-08-14
Updated
2017-07-20
The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads"). NOTE: the original report specifies the function name as "drain_squeue," but this is likely incorrect.
Max CVSS
5.4
EPSS Score
6.03%
Published
2006-08-14
Updated
2017-07-20
The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified.
Max CVSS
5.0
EPSS Score
0.76%
Published
2006-08-01
Updated
2017-07-20
The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.
Max CVSS
5.0
EPSS Score
6.39%
Published
2006-07-28
Updated
2018-10-30
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.
Max CVSS
5.0
EPSS Score
5.98%
Published
2006-07-18
Updated
2018-10-30
Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library.
Max CVSS
5.0
EPSS Score
1.03%
Published
2006-07-18
Updated
2018-10-30

CVE-2005-4797

Public exploit
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
Max CVSS
5.0
EPSS Score
96.19%
Published
2005-12-31
Updated
2018-10-30
Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries."
Max CVSS
5.0
EPSS Score
0.72%
Published
2005-11-23
Updated
2018-10-30
Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.
Max CVSS
5.0
EPSS Score
0.25%
Published
2005-05-16
Updated
2018-10-30
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
Max CVSS
5.0
EPSS Score
19.05%
Published
2005-02-15
Updated
2018-10-30
Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.
Max CVSS
5.0
EPSS Score
5.99%
Published
2005-05-02
Updated
2018-10-30
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Max CVSS
5.6
EPSS Score
0.08%
Published
2005-03-05
Updated
2018-10-16
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang).
Max CVSS
5.0
EPSS Score
0.23%
Published
2004-12-31
Updated
2018-10-30
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
Max CVSS
5.0
EPSS Score
0.38%
Published
2004-03-12
Updated
2017-10-11
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
Max CVSS
5.0
EPSS Score
1.47%
Published
2004-04-07
Updated
2017-10-11
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.
Max CVSS
5.0
EPSS Score
1.22%
Published
2004-05-14
Updated
2018-10-30
49 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!