Filtered by vendor Sun Subscriptions
Filtered by product Sunos Subscriptions
Total 609 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0966 1 Sun 1 Sunos 2025-04-03 N/A
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
CVE-1999-1080 1 Sun 1 Sunos 2025-04-03 N/A
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
CVE-1999-1137 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
CVE-1999-1142 1 Sun 1 Sunos 2025-04-03 N/A
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
CVE-1999-1158 1 Sun 1 Sunos 2025-04-03 N/A
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.
CVE-1999-1258 1 Sun 1 Sunos 2025-04-03 N/A
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
CVE-2001-1583 1 Sun 1 Sunos 2025-04-03 N/A
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
CVE-1999-1297 1 Sun 1 Sunos 2025-04-03 N/A
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
CVE-2002-0572 3 Freebsd, Openbsd, Sun 4 Freebsd, Openbsd, Solaris and 1 more 2025-04-03 N/A
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.
CVE-1999-1318 1 Sun 1 Sunos 2025-04-03 N/A
/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.
CVE-2002-0033 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
CVE-1999-1423 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
CVE-1999-1432 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
CVE-1999-1592 2 Sendmail, Sun 2 Sendmail, Sunos 2025-04-03 N/A
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
CVE-1999-1468 4 Cray, Next, Sgi and 1 more 4 Unicos, Next, Irix and 1 more 2025-04-03 N/A
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
CVE-1999-1580 2 Sendmail, Sun 2 Sendmail, Sunos 2025-04-03 N/A
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
CVE-2002-1337 8 Gentoo, Hp, Netbsd and 5 more 11 Linux, Alphaserver Sc, Hp-ux and 8 more 2025-04-03 N/A
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-1999-1584 1 Sun 2 Openwindows, Sunos 2025-04-03 N/A
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
CVE-1999-1586 1 Sun 1 Sunos 2025-04-03 N/A
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.
CVE-2003-0161 5 Compaq, Hp, Redhat and 2 more 11 Tru64, Hp-ux, Hp-ux Series 700 and 8 more 2025-04-03 N/A
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.