Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-01-25
Updated
2018-10-30
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-07-12
Updated
2018-10-30
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-10-17
Updated
2013-10-11
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Patch installation scripts.
Max CVSS
6.9
EPSS Score
0.04%
Published
2014-07-17
Updated
2018-10-09
Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and without patch 118833-11 (118855-08) allows remote authenticated users to cause a denial of service via unspecified vectors that lead to "kernel data structure corruption" that can trigger a system panic, application failure, or "data corruption."
Max CVSS
6.8
EPSS Score
0.78%
Published
2006-07-21
Updated
2018-10-30
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
Max CVSS
6.8
EPSS Score
0.96%
Published
2008-02-29
Updated
2018-10-30
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
Max CVSS
6.8
EPSS Score
1.15%
Published
2009-03-11
Updated
2018-10-30
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos.
Max CVSS
6.8
EPSS Score
0.04%
Published
2012-01-18
Updated
2018-01-06
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Archive Utility.
Max CVSS
6.8
EPSS Score
0.04%
Published
2014-10-15
Updated
2015-11-06
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver.
Max CVSS
6.8
EPSS Score
0.63%
Published
2014-10-15
Updated
2014-11-19
Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.
Max CVSS
6.6
EPSS Score
0.06%
Published
2006-09-27
Updated
2018-10-30
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers.
Max CVSS
6.6
EPSS Score
0.04%
Published
2006-12-13
Updated
2018-10-30
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494.
Max CVSS
6.6
EPSS Score
0.04%
Published
2006-12-13
Updated
2018-10-30
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.
Max CVSS
6.6
EPSS Score
0.04%
Published
2008-04-14
Updated
2018-10-30
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Privileges.
Max CVSS
6.6
EPSS Score
0.04%
Published
2012-05-03
Updated
2017-12-07
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount.
Max CVSS
6.6
EPSS Score
0.04%
Published
2013-01-17
Updated
2017-09-19
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Filesystem/cachefs.
Max CVSS
6.6
EPSS Score
0.04%
Published
2013-01-17
Updated
2017-09-19
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS).
Max CVSS
6.6
EPSS Score
0.04%
Published
2015-01-21
Updated
2016-12-07
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration Utilities.
Max CVSS
6.5
EPSS Score
0.04%
Published
2011-04-20
Updated
2011-04-20
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
Max CVSS
6.4
EPSS Score
3.24%
Published
2001-07-02
Updated
2018-10-30
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality and integrity, related to libsasl.
Max CVSS
6.4
EPSS Score
0.30%
Published
2012-05-03
Updated
2017-12-07
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity via vectors related to NFS client mounts and IPv6.
Max CVSS
6.4
EPSS Score
0.26%
Published
2013-04-17
Updated
2017-09-19
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services.
Max CVSS
6.4
EPSS Score
0.81%
Published
2013-07-17
Updated
2017-09-19
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
Max CVSS
6.2
EPSS Score
0.04%
Published
1995-08-29
Updated
2008-09-09
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
Max CVSS
6.2
EPSS Score
0.04%
Published
1994-05-13
Updated
2008-09-05
31 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!