Solaris

solaris

Vendor: Sun • 450 CVEs

CVEs (450)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2003-0092 1Sun 2Solaris Sunos Apr 16, 2026 Apr 2, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.
CVE-2003-0091 1Sun 2Solaris Sunos Apr 16, 2026 Apr 2, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.
CVE-2003-1074 1Sun 1Solaris Apr 16, 2026 Mar 28, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.
CVE-2003-0028 10Cray FreebsdGnu+7 more 13Aix FreebsdGlibc+10 more Apr 16, 2026 Mar 25, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers...Show more Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.Show less
CVE-2003-1077 1Sun 1Solaris Apr 16, 2026 Mar 5, 2003 N/A· v4 N/A· v3 2.1 LOW· v2 Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang).
CVE-2003-0064 4Hp IbmSgi+1 more 5Aix Hp UxIrix+2 more Apr 16, 2026 Mar 3, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file contain...Show more The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.Show less
CVE-2003-1078 1Sun 2Solaris Sunos Apr 16, 2026 Feb 28, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login.
CVE-2003-0058 2Mit Sun 4Enterprise Authentication Mechanism Kerberos 5Solaris+1 more Apr 16, 2026 Feb 19, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null derefe...Show more MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.Show less
CVE-2003-1079 1Sun 2Solaris Sunos Apr 16, 2026 Feb 18, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause...Show more Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.Show less
CVE-2003-0027 1Sun 2Solaris Sunos Apr 16, 2026 Feb 7, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
CVE-2003-1075 1Sun 2Solaris Sunos Apr 16, 2026 Jan 27, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.
CVE-2003-1071 1Sun 2Solaris Sunos Apr 16, 2026 Jan 3, 2003 N/A· v4 N/A· v3 2.1 LOW· v2 rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from...Show more rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.Show less
CVE-2002-2203 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.
CVE-2002-2197 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
CVE-2002-2089 1Sun 1Solaris Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.
CVE-2002-1980 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.
CVE-2002-1871 1Sun 2Solaris Sunos Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges.
CVE-2002-1584 2Sgi Sun 3Irix SolarisSunos Apr 16, 2026 Dec 27, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
CVE-2002-1345 3Ncftp Software OpenbsdSun 4Ncftp OpenbsdSolaris+1 more Apr 16, 2026 Dec 23, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) seque...Show more Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.Show less
CVE-2002-1296 1Sun 2Solaris Sunos Apr 16, 2026 Dec 23, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a mal...Show more Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.Show less

Previous 1...141516...23 Next