Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
Max CVSS
2.1
EPSS Score
0.07%
Published
1996-08-15
Updated
2018-10-30
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-03-01
Updated
2018-10-30
64 bit Solaris 7 procfs allows local users to perform a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-03-09
Updated
2018-10-30
Solaris ff.core allows local users to modify files.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-01-07
Updated
2018-10-30
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
Max CVSS
2.6
EPSS Score
2.71%
Published
1998-06-29
Updated
2008-09-09
Denial of service in BIND named via naptr.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-11-10
Updated
2018-10-30
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-01
Updated
2018-10-30
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-01
Updated
2018-10-30
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-31
Updated
2008-09-05
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
Max CVSS
2.1
EPSS Score
0.04%
Published
1993-10-01
Updated
2018-10-30
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
Max CVSS
2.1
EPSS Score
0.07%
Published
1998-07-15
Updated
2018-10-30
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-05-17
Updated
2018-10-30
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-06-26
Updated
2018-10-30
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-05-19
Updated
2008-09-05
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-31
Updated
2018-10-30
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.
Max CVSS
2.1
EPSS Score
0.21%
Published
2001-12-31
Updated
2018-10-30
Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-03
Updated
2018-10-30
The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-04
Updated
2018-10-30
Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic).
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-10-24
Updated
2018-10-30
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-07-23
Updated
2018-10-30
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-01-03
Updated
2018-10-30
Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-04-28
Updated
2018-10-30
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-23
Updated
2018-10-30
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
Max CVSS
2.1
EPSS Score
0.09%
Published
2004-08-06
Updated
2018-10-30
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
Max CVSS
2.1
EPSS Score
0.09%
Published
2004-04-26
Updated
2018-10-30
53 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!