Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solaris
(Sun)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 456 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-04-02 | CVE-2003-0161 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. | Tru64, Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800, Sis, Sendmail, Sendmail_switch, Solaris, Sunos | N/A | ||
| 2003-04-02 | CVE-2003-0092 | Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. | Solaris, Sunos | N/A | ||
| 2003-04-02 | CVE-2003-0091 | Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege. | Solaris, Sunos | N/A | ||
| 2003-03-03 | CVE-2003-0064 | The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | Hp\-Ux, Aix, Irix, Solaris, Sunos | N/A | ||
| 2003-02-07 | CVE-2003-0027 | Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. | Solaris, Sunos | N/A | ||
| 2002-12-31 | CVE-2002-2203 | Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. | Solaris, Sunos | N/A | ||
| 2002-12-31 | CVE-2002-2197 | Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. | Solaris, Sunos | N/A | ||
| 2002-12-31 | CVE-2002-2089 | Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument. | Solaris | N/A | ||
| 2002-12-31 | CVE-2002-1980 | Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. | Solaris, Sunos | N/A | ||
| 2002-12-31 | CVE-2002-1871 | pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | Solaris, Sunos | N/A |