| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. |
| Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. |
| Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. |
| The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. |
| Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd. |
| Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. |
| Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges. |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Buffer overflow in statd allows root privileges. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Solaris ufsrestore buffer overflow. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
| NFS cache poisoning. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. |