Product:

Sunos

(Sun)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 566
Date Id Summary Products Score Patch Annotated
2005-05-02 CVE-2005-0248 The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. Solaris, Sunos N/A
2004-12-31 CVE-2004-2686 Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. Solaris, Sunos N/A
2004-12-31 CVE-2004-2306 Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. Solaris, Sunos N/A
2004-12-31 CVE-2004-1767 The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. Solaris, Sunos N/A
2004-12-31 CVE-2004-1394 The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges. Solaris, Sunos N/A
2004-12-31 CVE-2004-1393 Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). Solaris, Sunos N/A
2004-02-27 CVE-2004-1360 Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. Solaris, Sunos N/A
2004-03-04 CVE-2004-1359 Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. Solaris, Sunos N/A
2004-04-23 CVE-2004-1356 Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. Solaris, Sunos N/A
2004-04-26 CVE-2004-1355 Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. Solaris, Sunos N/A