SUN » Opensolaris » snv_07 sparc : Security Vulnerabilities, CVEs, Published In 2009 CVSS score >= 6
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-09-14
Updated
2017-08-17
Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. NOTE: this issue exists because of an incomplete fix for CVE-2009-2136.
Max CVSS
7.1
EPSS Score
0.79%
Published
2009-09-10
Updated
2010-06-25
Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets.
Max CVSS
7.8
EPSS Score
5.08%
Published
2009-07-16
Updated
2017-09-19
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.90%
Published
2009-07-02
Updated
2017-08-17
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
Max CVSS
7.8
EPSS Score
1.11%
Published
2009-06-19
Updated
2009-09-17
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
Max CVSS
7.8
EPSS Score
5.59%
Published
2009-03-17
Updated
2017-09-29
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
Max CVSS
6.9
EPSS Score
0.04%
Published
2009-03-12
Updated
2009-04-02
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
Max CVSS
6.8
EPSS Score
1.15%
Published
2009-03-11
Updated
2018-10-30
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
Max CVSS
6.8
EPSS Score
1.62%
Published
2009-03-11
Updated
2017-08-17
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."
Max CVSS
6.9
EPSS Score
0.04%
Published
2009-01-28
Updated
2017-09-29
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c.
Max CVSS
7.8
EPSS Score
37.03%
Published
2009-01-27
Updated
2017-09-29
11 vulnerabilities found