CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities Published In 2001 (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2001-0701 Overflow +Priv 2001-09-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument.
2 CVE-2001-0686 Overflow +Priv 2001-09-20 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable.
3 CVE-2001-0652 Overflow +Priv 2001-10-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
4 CVE-2001-0634 DoS +Priv 2001-08-22 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service.
5 CVE-2001-0632 +Priv 2001-08-22 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.
6 CVE-2001-0594 Overflow +Priv 2001-08-02 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
7 CVE-2001-0565 Overflow +Priv 2001-08-14 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
8 CVE-2001-0548 Overflow +Priv 2001-08-14 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
9 CVE-2001-0526 Overflow +Priv 2001-08-14 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
10 CVE-2001-0470 Overflow +Priv 2001-06-27 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.
11 CVE-2001-0426 Overflow +Priv 2001-07-02 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable.
12 CVE-2001-0353 Overflow +Priv 2001-07-21 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.
13 CVE-2001-0229 +Priv 2001-05-03 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.
14 CVE-2001-0190 Overflow +Priv 2001-03-26 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
15 CVE-2001-0165 Overflow +Priv 2001-05-03 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.
16 CVE-2001-0124 Overflow +Priv 2001-03-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
Total number of vulnerabilities : 16   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.