The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
Max CVSS
7.8
EPSS Score
5.15%
Published
2005-11-18
Updated
2011-03-08
Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of service (panic) via unspecified vectors involving the event port API.
Max CVSS
7.8
EPSS Score
0.72%
Published
2006-07-24
Updated
2017-10-11
Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets.
Max CVSS
7.8
EPSS Score
8.77%
Published
2006-09-27
Updated
2017-10-11
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.
Max CVSS
7.8
EPSS Score
8.55%
Published
2006-09-29
Updated
2018-10-30
The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.
Max CVSS
7.8
EPSS Score
6.28%
Published
2006-09-29
Updated
2017-07-20
Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it might be related to "jabber" and generation of a large amount of interrupts within the console, or a hardware error.
Max CVSS
7.8
EPSS Score
22.66%
Published
2007-02-23
Updated
2018-10-30
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
Max CVSS
7.8
EPSS Score
41.44%
Published
2007-01-10
Updated
2018-10-30
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.
Max CVSS
7.8
EPSS Score
5.17%
Published
2007-01-31
Updated
2017-10-11
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.
Max CVSS
7.8
EPSS Score
5.04%
Published
2007-06-01
Updated
2017-10-11
Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.
Max CVSS
7.8
EPSS Score
6.04%
Published
2007-06-14
Updated
2018-10-30
Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but not configured for IPsec, allows remote attackers to cause a denial of service (system crash) via certain network traffic.
Max CVSS
7.8
EPSS Score
6.04%
Published
2007-06-18
Updated
2017-10-11
Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure Socket Layer (SSL) records.
Max CVSS
7.8
EPSS Score
6.46%
Published
2007-06-28
Updated
2017-09-29
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.
Max CVSS
7.8
EPSS Score
2.61%
Published
2007-10-15
Updated
2017-07-29
Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet.
Max CVSS
7.8
EPSS Score
0.92%
Published
2007-10-30
Updated
2017-09-29
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet.
Max CVSS
7.8
EPSS Score
3.51%
Published
2008-05-06
Updated
2017-09-29
Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet.
Max CVSS
7.8
EPSS Score
3.51%
Published
2008-05-06
Updated
2017-09-29
The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets.
Max CVSS
7.8
EPSS Score
1.11%
Published
2008-06-30
Updated
2018-10-30
The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference counts for operations with asymmetric keys, which allows context-dependent attackers to cause a denial of service (failed cryptographic operations) via unspecified vectors, related to the (1) RSA_sign and (2) RSA_verify functions.
Max CVSS
7.8
EPSS Score
0.75%
Published
2008-12-10
Updated
2017-09-29
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c.
Max CVSS
7.8
EPSS Score
37.03%
Published
2009-01-27
Updated
2017-09-29
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
Max CVSS
7.8
EPSS Score
5.59%
Published
2009-03-17
Updated
2017-09-29
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
Max CVSS
7.8
EPSS Score
1.11%
Published
2009-06-19
Updated
2009-09-17
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value.
Max CVSS
7.8
EPSS Score
0.29%
Published
2009-06-19
Updated
2009-07-02
Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets.
Max CVSS
7.8
EPSS Score
5.08%
Published
2009-07-16
Updated
2017-09-19
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors.
Max CVSS
7.8
EPSS Score
3.26%
Published
2009-07-16
Updated
2017-09-19
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
Max CVSS
7.8
EPSS Score
2.51%
Published
2009-08-27
Updated
2017-09-19