Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solaris
(Sun)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 456 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-06-16 | CVE-2008-2710 | Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison. | Opensolaris, Solaris, Sunos | N/A | ||
| 2008-06-16 | CVE-2008-2706 | Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference. | Solaris | N/A | ||
| 2008-06-03 | CVE-2008-2538 | Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors. | Solaris | N/A | ||
| 2008-05-23 | CVE-2008-2418 | Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | Solaris | N/A | ||
| 2008-05-06 | CVE-2008-2090 | Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. | Solaris | N/A | ||
| 2008-05-06 | CVE-2008-2089 | Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet. | Solaris | N/A | ||
| 2008-04-14 | CVE-2008-1780 | Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. | Solaris | N/A | ||
| 2008-04-14 | CVE-2008-1779 | Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets. | Solaris | N/A | ||
| 2008-04-06 | CVE-2008-1684 | inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. | Solaris | N/A | ||
| 2008-03-24 | CVE-2008-1480 | rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request. | Solaris, Sunos | N/A |