Solaris

solaris

Vendor: Sun • 450 CVEs

CVEs (450)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-5214 2Netbsd Sun 3Netbsd SolarisSunos Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 1.2 LOW· v2 Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak perm...Show more Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users.Show less
CVE-2006-5213 1Sun 1Solaris Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 3.6 LOW· v2 Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).
CVE-2006-5201 1Sun 9Jdk JreJsse+6 more Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5...Show more Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.Show less
CVE-2006-5075 1Sun 1Solaris Apr 23, 2026 Sep 29, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.
CVE-2006-5073 1Sun 2Solaris Sunos Apr 23, 2026 Sep 29, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.
CVE-2006-5013 1Sun 1Solaris Apr 23, 2026 Sep 27, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets.
CVE-2006-5012 1Sun 2Solaris Sunos Apr 23, 2026 Sep 27, 2006 N/A· v4 N/A· v3 6.6 MEDIUM· v2 Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.
CVE-2006-4655 2Sco Sun 2Solaris Unixware Apr 16, 2026 Sep 9, 2006 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_...Show more Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.Show less
CVE-2006-4439 1Sun 1Solaris Apr 16, 2026 Aug 29, 2006 N/A· v4 N/A· v3 3.6 LOW· v2 pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify ar...Show more pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871.Show less
CVE-2006-4319 1Sun 2Solaris Sunos Apr 16, 2026 Aug 24, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulner...Show more Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.Show less
CVE-2006-4307 1Sun 2Solaris Sunos Apr 16, 2026 Aug 23, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated priv...Show more Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319.Show less
CVE-2006-4306 1Sun 2Solaris Sunos Apr 16, 2026 Aug 23, 2006 N/A· v4 N/A· v3 7.2 HIGH· v2 Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File Syst...Show more Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.Show less
CVE-2006-4303 1Sun 1Solaris Apr 16, 2026 Aug 23, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to...Show more Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers to cause a denial of service ("tight loop" and CPU consumption for listener applications) via unknown vectors related to TCP fusion (do_tcp_fusion).Show less
CVE-2006-4139 1Sun 1Solaris Apr 16, 2026 Aug 14, 2006 N/A· v4 N/A· v3 5.4 MEDIUM· v2 Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries.
CVE-2006-4117 1Sun 1Solaris Apr 16, 2026 Aug 14, 2006 N/A· v4 N/A· v3 5.4 MEDIUM· v2 The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP conne...Show more The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads"). NOTE: the original report specifies the function name as "drain_squeue," but this is likely incorrect.Show less
CVE-2006-3968 1Sun 1Solaris Apr 16, 2026 Aug 1, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has be...Show more The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified.Show less
CVE-2006-3920 1Sun 2Solaris Sunos Apr 16, 2026 Jul 28, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK stor...Show more The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.Show less
CVE-2006-3825 1Sun 1Solaris Apr 16, 2026 Jul 25, 2006 N/A· v4 N/A· v3 2.1 LOW· v2 The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication.
CVE-2006-3824 1Sun 1Solaris Apr 16, 2026 Jul 25, 2006 N/A· v4 N/A· v3 4.9 MEDIUM· v2 systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been...Show more systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.Show less
CVE-2006-3783 1Sun 1Solaris Apr 16, 2026 Jul 24, 2006 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors involving (1) the /net mount point and (2) the "-hosts" map in a mount point.

Previous 1...8910...23 Next