| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |
| Solaris volrmmount program allows attackers to read any file. |
| nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. |
| Buffer overflow in SunOS/Solaris ps command. |
| SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| Buffer overflow in Solaris fdformat command gives root access to local users. |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. |
| In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. |
| Solaris ff.core allows local users to modify files. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| A Unix account has a default, null, blank, or missing password. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. |
