| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sun's ftpd daemon can be subjected to a denial of service. |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. |
| Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 might allow local users to gain privileges or cause a denial of service (application failure) via unknown attack vectors that involve the getpwnam family of non-reentrant functions. |
| Buffer overflow in Solaris lpset program allows local users to gain root access. |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. |
| Buffer overflow in SunOS/Solaris ps command. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| Solaris ff.core allows local users to modify files. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
