| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack vector that causes sh processes to crash during creation of temporary files. |
| Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors. |
| Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. |
| Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI. |
| Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 and N1 Grid Engine 6.0 allows local users to cause a denial of service (grid service shutdown) and possibly execute arbitrary code using buffer overflows via unknown vectors that cause (1) qmaster or (2) execd to terminate. |
| Solaris ff.core allows local users to modify files. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. |
| Denial of service by sending forged ICMP unreachable packets. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. |
| The SunView (SunTools) selection_svc facility allows remote users to read files. |
| Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| The passwd command in Solaris can be subjected to a denial of service. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
