Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solaris
(Sun)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 456 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-02-15 | CVE-2005-0447 | Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. | Solaris, Sunos | N/A | ||
| 2005-05-02 | CVE-2005-0426 | Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference. | Solaris, Sunos | N/A | ||
| 2005-05-02 | CVE-2005-0248 | The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. | Solaris, Sunos | N/A | ||
| 2005-03-05 | CVE-2005-0109 | Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | Freebsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Openserver, Unixware, Solaris, Ubuntu_linux | 5.6 | ||
| 2004-12-31 | CVE-2004-2686 | Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. | Solaris, Sunos | N/A | ||
| 2004-12-31 | CVE-2004-2306 | Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | Solaris, Sunos | N/A | ||
| 2004-12-31 | CVE-2004-1767 | The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. | Solaris, Sunos | N/A | ||
| 2004-12-31 | CVE-2004-1394 | The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges. | Solaris, Sunos | N/A | ||
| 2004-12-31 | CVE-2004-1393 | Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | Solaris, Sunos | N/A | ||
| 2004-02-27 | CVE-2004-1360 | Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | Solaris, Sunos | N/A |