| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. |
| Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). |
| Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. |
| The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). |
| rpc.admind in Solaris is not running in a secure mode. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. |
| Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. |
| The recover program in Solstice Backup allows local users to restore sensitive files. |
| A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. |
| Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). |
| Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. |
| rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. |
| Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). |
| Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. |
| The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). |
| Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. |
| Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. |
