
Solaris


Vendor: Sun • 450 CVEs

CVEs (450)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: May 9, 2007
CVSS: N/A (v4), N/A (v3), 7.2 HIGH (v2)
Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: May 2, 2007
CVSS: N/A (v4), N/A (v3), 4.7 MEDIUM (v2)
Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function.

Vendors: Sun
Products: Java Web Console, Solaris
Updated: Apr 23, 2026
Published: Apr 19, 2007
CVSS: N/A (v4), N/A (v3), 7.5 HIGH (v2)
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Mar 7, 2007
CVSS: N/A (v4), N/A (v3), 5.8 MEDIUM (v2)
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Feb 23, 2007
CVSS: N/A (v4), N/A (v3), 7.8 HIGH (v2)
Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allow remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it might be related to "jabber" and generation of a large amount of interrupts within the console, or a hardware error.

Vendors: Sun
Products: Solaris
Updated: Apr 23, 2026
Published: Feb 14, 2007
CVSS: N/A (v4), N/A (v3), 7.1 HIGH (v2)
Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Feb 13, 2007
CVSS: N/A (v4), N/A (v3), 2.6 LOW (v2)
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.

Vendors: Sun
Products: Solaris
Updated: Apr 23, 2026
Published: Feb 2, 2007
CVSS: N/A (v4), N/A (v3), 6.2 MEDIUM (v2)
The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service.

Vendors: Sun
Products: Solaris
Updated: Apr 23, 2026
Published: Jan 31, 2007
CVSS: N/A (v4), N/A (v3), 7.8 HIGH (v2)
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Jan 25, 2007
CVSS: N/A (v4), N/A (v3), 6.9 MEDIUM (v2)
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Jan 24, 2007
CVSS: N/A (v4), N/A (v3), 7.2 HIGH (v2)
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.

Vendors: Sun
Products: Solaris
Updated: Apr 23, 2026
Published: Jan 19, 2007
CVSS: N/A (v4), N/A (v3), 4.6 MEDIUM (v2)
Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Jan 10, 2007
CVSS: N/A (v4), N/A (v3), 7.8 HIGH (v2)
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Dec 13, 2006
CVSS: N/A (v4), N/A (v3), 6.6 MEDIUM (v2)
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Dec 13, 2006
CVSS: N/A (v4), N/A (v3), 6.6 MEDIUM (v2)
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers.

Vendors: Sun
Products: Solaris, Sunos
Updated: Apr 23, 2026
Published: Dec 4, 2006
CVSS: N/A (v4), N/A (v3), 4.7 MEDIUM (v2)
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.

Vendors: Sun
Products: Solaris
Updated: Apr 23, 2026
Published: Nov 6, 2006
CVSS: N/A (v4), N/A (v3), 4.9 MEDIUM (v2)
alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures.

Vendors: Sun
Products: Solaris
Updated: Apr 23, 2026
Published: Oct 18, 2006
CVSS: N/A (v4), N/A (v3), 4.9 MEDIUM (v2)
The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system.

Vendors: Netscape, Sun
Products: Portable Runtime Api, Solaris
Updated: Apr 23, 2026
Published: Oct 12, 2006
CVSS: N/A (v4), N/A (v3), 3.6 LOW (v2)
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.

Vendors: Netbsd, Sun, X.org
Products: Netbsd, Solaris, Sunos, +1 more
Updated: Apr 23, 2026
Published: Oct 10, 2006
CVSS: N/A (v4), N/A (v3), 2.6 LOW (v2)
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.