SUN » Opensolaris » snv_93 sparc : Security Vulnerabilities, CVEs,
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-07-29
Updated
2017-09-19
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-03-06
Updated
2018-10-30
The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-09-02
Updated
2017-09-29
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.
Max CVSS
7.1
EPSS Score
0.10%
Published
2008-08-13
Updated
2018-10-30
Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files.
Max CVSS
4.9
EPSS Score
0.04%
Published
2008-06-16
Updated
2018-10-30
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
Max CVSS
9.3
EPSS Score
10.31%
Published
2008-08-08
Updated
2018-10-30
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
Max CVSS
9.3
EPSS Score
35.61%
Published
2008-08-08
Updated
2018-10-30
7 vulnerabilities found