CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN » Opensolaris » Snv 108 * X86 * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:sun:opensolaris:snv_108:*:x86:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-0559 16 2010-02-05 2010-05-25
7.5
 None Remote Low Not required Partial Partial Partial
The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain.
2 CVE-2010-0558 16 2010-02-05 2017-08-17
7.5
 None Remote Low Not required Partial Partial Partial
The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain.
3 CVE-2010-0453 20 DoS 2010-02-03 2018-10-10
4.9
 None Local Low Not required None None Complete
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
4 CVE-2010-0271 264 2010-01-08 2017-08-17
4.6
 None Local Low Not required Partial Partial Partial
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.
5 CVE-2009-4774 DoS 2010-04-21 2010-04-21
4.0
 None Local High Not required None None Complete
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225.
6 CVE-2009-4226 362 DoS 2009-12-08 2017-08-17
7.1
 None Remote Medium Not required None None Complete
Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function.
7 CVE-2009-4075 DoS 2009-11-25 2017-08-17
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread."
8 CVE-2009-3839 Exec Code 2009-11-02 2017-09-19
6.8
 None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.
9 CVE-2009-3706 Bypass 2009-10-16 2009-10-16
4.4
 None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.
10 CVE-2009-3432 2009-09-28 2017-08-17
1.9
 None Local Medium Not required Partial None None
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events.
11 CVE-2009-3390 +Priv 2009-09-24 2009-09-25
7.2
 None Local Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library.
12 CVE-2009-3183 119 Overflow +Priv 2009-09-14 2017-08-17
7.2
 None Local Low Not required Complete Complete Complete
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
13 CVE-2009-2912 DoS 2009-08-21 2017-09-19
4.9
 None Local Low Not required None None Complete
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
14 CVE-2009-2644 362 DoS 2009-07-29 2017-09-19
4.9
 None Local Low Not required None None Complete
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."
15 CVE-2009-2488 DoS 2009-07-16 2017-09-19
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations."
16 CVE-2009-2487 399 DoS 2009-07-16 2017-09-19
7.8
 None Remote Low Not required None None Complete
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors.
17 CVE-2009-2387 DoS 2009-07-09 2009-07-22
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in the proc filesystem in Sun OpenSolaris snv_49 through snv_109 allows local users to cause a denial of service (deadlock and panic) via unknown vectors, related to the ldt_rewrite_syscall function.
18 CVE-2009-2297 DoS 2009-07-02 2009-07-15
7.1
 None Remote Medium Not required None None Complete
Unspecified vulnerability in the udp subsystem in the kernel in Sun Solaris 10, and OpenSolaris snv_90 through snv_108, when Solaris Trusted Extensions is enabled, allows remote attackers to cause a denial of service (panic) via unspecified vectors involving the crgetlabel function, related to a "TX panic." NOTE: this issue exists because of a regression in earlier kernel patches.
19 CVE-2009-2296 2009-07-02 2017-08-17
10.0
 None Remote Low Not required Complete Complete Complete
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.
20 CVE-2009-2031 200 +Info 2009-06-11 2009-06-19
2.1
 None Local Low Not required Partial None None
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.
21 CVE-2009-2012 DoS 2009-06-09 2009-06-19
1.9
 None Local Medium Not required None None Partial
Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) via unknown vectors.
22 CVE-2009-1933 255 2009-06-05 2009-06-23
4.7
 None Local Medium Not required Complete None None
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.
23 CVE-2009-1763 DoS +Priv Mem. Corr. 2009-05-22 2017-08-17
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the Solaris Secure Digital slot driver (aka sdhost) in Sun OpenSolaris snv_105 through snv_108 on the x86 platform allows local users to gain privileges or cause a denial of service (filesystem or memory corruption) via unknown vectors.
24 CVE-2009-1478 DoS 2009-04-29 2017-08-17
4.9
 None Local Low Not required None None Complete
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors.
25 CVE-2009-1207 362 2009-04-01 2017-09-29
4.4
 None Local Medium Not required Partial Partial Partial
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.
26 CVE-2009-0923 DoS 2009-03-17 2017-09-29
7.8
 None Remote Low Not required None None Complete
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
27 CVE-2009-0872 264 Bypass 2009-03-11 2017-08-17
6.8
 None Remote Medium Not required Partial Partial Partial
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
28 CVE-2009-0870 399 DoS 2009-03-10 2017-08-17
4.7
 None Local Medium Not required None None Complete
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function.
Total number of vulnerabilities : 28   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.