Filtered by vendor Sun
Subscriptions
Filtered by product Sunos
Subscriptions
Total
609 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0694 | 12 Apple, Compaq, Freebsd and 9 more | 20 Mac Os X, Mac Os X Server, Tru64 and 17 more | 2025-04-03 | N/A |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||||
CVE-2003-1060 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. | ||||
CVE-2003-1070 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). | ||||
CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2025-04-03 | N/A |
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | ||||
CVE-2004-0496 | 5 Gentoo, Linux, Mandrakesoft and 2 more | 13 Linux, Linux Kernel, Mandrake Linux and 10 more | 2025-04-03 | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | ||||
CVE-2004-0654 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). | ||||
CVE-2004-0790 | 2 Microsoft, Sun | 8 Windows 2000, Windows 2003 Server, Windows 98 and 5 more | 2025-04-03 | N/A |
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. | ||||
CVE-2004-1082 | 8 Apache, Apple, Avaya and 5 more | 14 Http Server, Apache Mod Digest Apple, Communication Manager and 11 more | 2025-04-03 | N/A |
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. | ||||
CVE-2003-1073 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. | ||||
CVE-2004-1348 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). | ||||
CVE-2004-2306 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | ||||
CVE-2005-0488 | 4 Microsoft, Mit, Redhat and 1 more | 4 Telnet Client, Kerberos 5, Enterprise Linux and 1 more | 2025-04-03 | N/A |
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | ||||
CVE-2003-1072 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). | ||||
CVE-2003-1071 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. | ||||
CVE-2003-1069 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). | ||||
CVE-2003-1068 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. | ||||
CVE-2003-1067 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions. | ||||
CVE-2003-1066 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. | ||||
CVE-2003-1065 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash). | ||||
CVE-2003-1064 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. |