Solaris

solaris

Vendor: Sun • 450 CVEs

CVEs (450)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0523 4Mit SgiSun+1 more 7Kerberos Kerberos 5Propack+4 more Apr 16, 2026 Aug 18, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
CVE-2004-0654 1Sun 2Solaris Sunos Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a d...Show more Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).Show less
CVE-2004-0653 1Sun 1Solaris Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to ga...Show more Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files.Show less
CVE-2004-1346 1Sun 1Solaris Apr 16, 2026 Jun 19, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
CVE-2004-1354 1Sun 2Solaris Sunos Apr 16, 2026 May 14, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to...Show more The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.Show less
CVE-2004-1355 1Sun 2Solaris Sunos Apr 16, 2026 Apr 26, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
CVE-2004-1356 1Sun 2Solaris Sunos Apr 16, 2026 Apr 23, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
CVE-2004-1357 1Sun 1Solaris Apr 16, 2026 Apr 7, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their a...Show more The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.Show less
CVE-2004-1358 1Sun 1Solaris Apr 16, 2026 Mar 12, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
CVE-2004-1359 1Sun 2Solaris Sunos Apr 16, 2026 Mar 4, 2004 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
CVE-2004-1180 3Debian MandrakesoftSun 5Debian Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Feb 16, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
CVE-2004-1082 8Apache AppleAvaya+5 more 14Apache Mod Digest Apple Communication ManagerHttp Server+11 more Apr 16, 2026 Feb 3, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVE-2003-0999 1Sun 2Solaris Sunos Apr 16, 2026 Jan 5, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
CVE-2003-1082 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068.
CVE-2003-1076 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.
CVE-2003-1073 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 1.2 LOW· v2 A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at c...Show more A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.Show less
CVE-2003-1066 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.
CVE-2003-0914 9Compaq FreebsdHp+6 more 10Aix BindFreebsd+7 more Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 4.3 MEDIUM· v2 ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVE-2003-1056 1Sun 2Solaris Sunos Apr 16, 2026 Dec 11, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
CVE-2003-1057 1Sun 2Solaris Sunos Apr 16, 2026 Dec 8, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.

Previous 1...121314...23 Next