| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| NFS cache poisoning. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| The passwd command in Solaris can be subjected to a denial of service. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |
| Solaris volrmmount program allows attackers to read any file. |
| SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| Buffer overflow in Solaris fdformat command gives root access to local users. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| Solaris ff.core allows local users to modify files. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| A Unix account has a default, null, blank, or missing password. |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
