# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2010-0559 |
16 |
|
|
2010-02-05 |
2010-05-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain. |
2 |
CVE-2010-0558 |
16 |
|
|
2010-02-05 |
2017-08-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain. |
3 |
CVE-2010-0271 |
264 |
|
|
2010-01-08 |
2017-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification. |
4 |
CVE-2009-3899 |
399 |
|
DoS |
2009-11-06 |
2017-09-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
5 |
CVE-2009-3839 |
|
|
Exec Code |
2009-11-02 |
2017-09-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server. |
6 |
CVE-2009-3432 |
|
|
|
2009-09-28 |
2017-08-17 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. |
7 |
CVE-2009-3390 |
|
|
+Priv |
2009-09-24 |
2009-09-25 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library. |
8 |
CVE-2009-3183 |
119 |
|
Overflow +Priv |
2009-09-14 |
2017-08-17 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. |
9 |
CVE-2009-2912 |
|
|
DoS |
2009-08-21 |
2017-09-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls. |
10 |
CVE-2009-2857 |
399 |
|
DoS |
2009-08-19 |
2017-09-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. |
11 |
CVE-2009-2644 |
362 |
|
DoS |
2009-07-29 |
2017-09-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." |
12 |
CVE-2009-2487 |
399 |
|
DoS |
2009-07-16 |
2017-09-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors. |
13 |
CVE-2009-2297 |
|
|
DoS |
2009-07-02 |
2009-07-15 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches. |
14 |
CVE-2009-2296 |
|
|
|
2009-07-02 |
2017-08-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. |
15 |
CVE-2009-2282 |
264 |
|
+Priv |
2009-07-01 |
2009-07-01 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors. |
16 |
CVE-2009-2137 |
399 |
|
DoS |
2009-06-19 |
2009-07-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value. |
17 |
CVE-2009-2135 |
362 |
|
DoS |
2009-06-19 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. |
18 |
CVE-2009-2031 |
200 |
|
+Info |
2009-06-11 |
2009-06-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes. |
19 |
CVE-2009-2029 |
|
|
DoS |
2009-06-11 |
2017-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. |
20 |
CVE-2009-2012 |
|
|
DoS |
2009-06-09 |
2009-06-19 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) via unknown vectors. |
21 |
CVE-2009-1933 |
255 |
|
|
2009-06-05 |
2009-06-23 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. |
22 |
CVE-2009-1478 |
|
|
DoS |
2009-04-29 |
2017-08-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors. |
23 |
CVE-2009-1207 |
362 |
|
|
2009-04-01 |
2017-09-29 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. |
24 |
CVE-2009-0923 |
|
|
DoS |
2009-03-17 |
2017-09-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server. |
25 |
CVE-2009-0913 |
|
|
DoS |
2009-03-16 |
2017-09-29 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. |
26 |
CVE-2009-0875 |
362 |
|
DoS +Priv Bypass |
2009-03-12 |
2009-04-02 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. |
27 |
CVE-2009-0874 |
399 |
|
DoS +Priv Bypass |
2009-03-12 |
2009-04-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. |
28 |
CVE-2009-0873 |
264 |
|
Bypass |
2009-03-11 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." |
29 |
CVE-2009-0872 |
264 |
|
Bypass |
2009-03-11 |
2017-08-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. |
30 |
CVE-2009-0838 |
399 |
|
DoS |
2009-03-06 |
2018-10-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. |
31 |
CVE-2009-0477 |
264 |
|
+Priv |
2009-02-08 |
2011-03-08 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. |
32 |
CVE-2009-0319 |
|
|
DoS +Priv |
2009-01-28 |
2017-09-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." |
33 |
CVE-2009-0304 |
|
|
DoS |
2009-01-27 |
2017-09-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. |
34 |
CVE-2009-0268 |
362 |
|
DoS |
2009-01-26 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. |
35 |
CVE-2009-0267 |
20 |
|
DoS |
2009-01-26 |
2017-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. |
36 |
CVE-2009-0168 |
|
|
DoS |
2009-01-16 |
2017-09-29 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files. |
37 |
CVE-2009-0167 |
|
|
DoS |
2009-01-16 |
2017-09-29 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." |
38 |
CVE-2009-0069 |
399 |
|
DoS |
2009-01-07 |
2017-08-08 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. |
39 |
CVE-2008-5699 |
264 |
|
+Priv +Info |
2008-12-22 |
2009-01-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors. |
40 |
CVE-2008-5690 |
255 |
|
DoS |
2008-12-19 |
2017-09-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. |
41 |
CVE-2008-5133 |
264 |
|
Bypass |
2008-11-18 |
2017-08-08 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. |
42 |
CVE-2008-5111 |
|
|
DoS |
2008-11-17 |
2017-08-08 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function. |
43 |
CVE-2008-5010 |
|
|
DoS |
2008-11-10 |
2017-09-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. |
44 |
CVE-2007-5365 |
119 |
|
DoS Exec Code Overflow |
2007-10-11 |
2018-10-15 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. |