cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*
The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain.
Max CVSS
7.5
EPSS Score
0.37%
Published
2010-02-05
Updated
2017-08-17
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.
Max CVSS
4.6
EPSS Score
0.07%
Published
2010-01-08
Updated
2017-08-17
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Max CVSS
7.8
EPSS Score
2.51%
Published
2009-11-06
Updated
2017-09-19
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.
Max CVSS
6.8
EPSS Score
4.78%
Published
2009-11-02
Updated
2017-09-19
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-09-24
Updated
2009-09-25
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-09-14
Updated
2017-08-17
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling."
Max CVSS
7.1
EPSS Score
0.07%
Published
2009-08-28
Updated
2009-08-31
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-08-21
Updated
2017-09-19
Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets.
Max CVSS
6.8
EPSS Score
0.86%
Published
2009-08-03
Updated
2017-08-17
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-07-29
Updated
2017-09-19
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors.
Max CVSS
7.8
EPSS Score
3.26%
Published
2009-07-16
Updated
2017-09-19
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.90%
Published
2009-07-02
Updated
2017-08-17
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors.
Max CVSS
4.6
EPSS Score
0.07%
Published
2009-07-01
Updated
2024-01-26
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-06-25
Updated
2009-06-25
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value.
Max CVSS
7.8
EPSS Score
0.29%
Published
2009-06-19
Updated
2009-07-02
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-06-19
Updated
2017-09-29
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.
Max CVSS
5.0
EPSS Score
1.04%
Published
2009-06-11
Updated
2017-09-29
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.
Max CVSS
4.7
EPSS Score
0.04%
Published
2009-06-05
Updated
2009-06-23
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-04-29
Updated
2017-08-17
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.
Max CVSS
4.4
EPSS Score
0.04%
Published
2009-04-01
Updated
2017-09-29
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
Max CVSS
7.8
EPSS Score
5.59%
Published
2009-03-17
Updated
2017-09-29
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options.
Max CVSS
4.7
EPSS Score
0.04%
Published
2009-03-16
Updated
2017-09-29
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
Max CVSS
6.9
EPSS Score
0.04%
Published
2009-03-12
Updated
2009-04-02
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-03-12
Updated
2009-04-02
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
Max CVSS
6.8
EPSS Score
1.15%
Published
2009-03-11
Updated
2018-10-30
46 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!