NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
Max CVSS
2.6
EPSS Score
2.71%
Published
1998-06-29
Updated
2008-09-09
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
Max CVSS
2.6
EPSS Score
0.05%
Published
2006-01-17
Updated
2018-10-30
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
Max CVSS
2.6
EPSS Score
0.04%
Published
2006-10-10
Updated
2018-10-30
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.
Max CVSS
2.6
EPSS Score
0.04%
Published
2007-02-13
Updated
2018-10-30
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to sshd.
Max CVSS
2.6
EPSS Score
0.65%
Published
2012-01-18
Updated
2018-01-06
Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality and integrity via unknown vectors related to sort.
Max CVSS
2.6
EPSS Score
0.04%
Published
2012-07-17
Updated
2017-08-29
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
Max CVSS
2.1
EPSS Score
0.07%
Published
1996-08-15
Updated
2018-10-30
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-03-01
Updated
2018-10-30
64 bit Solaris 7 procfs allows local users to perform a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-03-09
Updated
2018-10-30
Solaris ff.core allows local users to modify files.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-01-07
Updated
2018-10-30
Denial of service in BIND named via naptr.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-11-10
Updated
2018-10-30
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-01
Updated
2018-10-30
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-01
Updated
2018-10-30
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-31
Updated
2008-09-05
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
Max CVSS
2.1
EPSS Score
0.04%
Published
1993-10-01
Updated
2018-10-30
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
Max CVSS
2.1
EPSS Score
0.07%
Published
1998-07-15
Updated
2018-10-30
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-05-17
Updated
2018-10-30
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-06-26
Updated
2018-10-30
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-05-19
Updated
2008-09-05
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-31
Updated
2018-10-30
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.
Max CVSS
2.1
EPSS Score
0.21%
Published
2001-12-31
Updated
2018-10-30
Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-03
Updated
2018-10-30
The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-04
Updated
2018-10-30
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic).
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-10-24
Updated
2018-10-30
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-07-23
Updated
2018-10-30
53 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!