Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solaris
(Sun)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 456 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1998-12-01 | CVE-1999-0321 | Buffer overflow in Solaris kcms_configure command allows local users to gain root access. | Solaris | N/A | ||
| 1999-01-01 | CVE-1999-0568 | rpc.admind in Solaris is not running in a secure mode. | Solaris | N/A | ||
| 1999-09-08 | CVE-1999-0767 | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | Solaris, Sunos | N/A | ||
| 1999-12-05 | CVE-1999-0982 | The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. | Solaris, Web\-Based_enterprise_management | N/A | ||
| 2001-08-14 | CVE-2001-0554 | Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | Debian_linux, Freebsd, Aix, Kerberos, Kerberos_5, Netbsd, Linux_netkit, Openbsd, Irix, Solaris, Sunos | N/A | ||
| 2004-08-18 | CVE-2004-0523 | Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | Kerberos, Kerberos_5, Propack, Seam, Solaris, Sunos, Tinysofa_enterprise_server | N/A | ||
| 2003-02-19 | CVE-2003-0058 | MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | Kerberos_5, Enterprise_authentication_mechanism, Solaris, Sunos | N/A | ||
| 2003-03-25 | CVE-2003-0028 | Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | Unicos, Freebsd, Glibc, Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800, Aix, Kerberos_5, Openafs, Openbsd, Irix, Solaris, Sunos | N/A | ||
| 2006-10-10 | CVE-2006-5201 | Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly... | Jdk, Jre, Jsse, Nss, Sdk, Secure_global_desktop, Solaris, Staroffice, Sunos | N/A | ||
| 2010-03-29 | CVE-2010-1183 | Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager. | Solaris | N/A |