# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2009-3899 |
399 |
|
DoS |
2009-11-06 |
2017-09-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
2 |
CVE-2009-2912 |
|
|
DoS |
2009-08-21 |
2017-09-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls. |
3 |
CVE-2009-2857 |
399 |
|
DoS |
2009-08-19 |
2017-09-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. |
4 |
CVE-2009-2644 |
362 |
|
DoS |
2009-07-29 |
2017-09-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." |
5 |
CVE-2009-2487 |
399 |
|
DoS |
2009-07-16 |
2017-09-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors. |
6 |
CVE-2009-2137 |
399 |
|
DoS |
2009-06-19 |
2009-07-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value. |
7 |
CVE-2009-2135 |
362 |
|
DoS |
2009-06-19 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. |
8 |
CVE-2009-2029 |
|
|
DoS |
2009-06-11 |
2017-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. |
9 |
CVE-2009-2012 |
|
|
DoS |
2009-06-09 |
2009-06-19 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) via unknown vectors. |
10 |
CVE-2009-1478 |
|
|
DoS |
2009-04-29 |
2017-08-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors. |
11 |
CVE-2009-0923 |
|
|
DoS |
2009-03-17 |
2017-09-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server. |
12 |
CVE-2009-0913 |
|
|
DoS |
2009-03-16 |
2017-09-29 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. |
13 |
CVE-2009-0875 |
362 |
|
DoS +Priv Bypass |
2009-03-12 |
2009-04-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. |
14 |
CVE-2009-0874 |
399 |
|
DoS +Priv Bypass |
2009-03-12 |
2009-04-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. |
15 |
CVE-2009-0838 |
399 |
|
DoS |
2009-03-06 |
2018-10-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. |
16 |
CVE-2009-0319 |
|
|
DoS +Priv |
2009-01-28 |
2017-09-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." |
17 |
CVE-2009-0304 |
|
|
DoS |
2009-01-27 |
2017-09-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. |
18 |
CVE-2009-0268 |
362 |
|
DoS |
2009-01-26 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. |
19 |
CVE-2009-0267 |
20 |
|
DoS |
2009-01-26 |
2017-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. |
20 |
CVE-2009-0168 |
|
|
DoS |
2009-01-16 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. |
21 |
CVE-2009-0167 |
|
|
DoS |
2009-01-16 |
2017-09-29 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." |
22 |
CVE-2009-0131 |
|
|
DoS |
2009-01-15 |
2009-02-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call. |
23 |
CVE-2009-0069 |
399 |
|
DoS |
2009-01-07 |
2017-08-08 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. |
24 |
CVE-2008-5690 |
255 |
|
DoS |
2008-12-19 |
2017-09-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. |
25 |
CVE-2008-5111 |
|
|
DoS |
2008-11-17 |
2017-08-08 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function. |
26 |
CVE-2008-5010 |
|
|
DoS |
2008-11-10 |
2017-09-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. |
27 |
CVE-2007-5365 |
119 |
|
DoS Exec Code Overflow |
2007-10-11 |
2018-10-15 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. |