CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities Published In 2002 (Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2002-2089 Exec Code Overflow 2002-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.
2 CVE-2002-1980 Exec Code Overflow 2002-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.
3 CVE-2002-1361 Exec Code Overflow 2002-12-23 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter.
4 CVE-2002-1317 DoS Exec Code Overflow 2002-12-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
5 CVE-2002-0885 Exec Code Overflow 2002-10-04 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.
6 CVE-2002-0797 Overflow +Priv 2002-08-12 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
7 CVE-2002-0679 Exec Code Overflow 2002-09-05 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
8 CVE-2002-0391 Exec Code Overflow Bypass 2002-08-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
9 CVE-2002-0360 Exec Code Overflow 2002-06-25 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program.
10 CVE-2002-0158 Overflow +Priv 2002-04-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.
11 CVE-2002-0090 Exec Code Overflow 2002-03-15 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.
12 CVE-2002-0089 Overflow +Priv 2002-03-15 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
13 CVE-2002-0088 Overflow +Priv 2002-03-15 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
14 CVE-2002-0084 Overflow +Priv 2002-03-15 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
15 CVE-2002-0033 Exec Code Overflow 2002-05-29 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
Total number of vulnerabilities : 15   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.