Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-1080 1 Sun 1 Sunos 2026-04-16 N/A
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
CVE-1999-1102 4 Apple, Bsd, Sgi and 1 more 4 A Ux, Bsd, Irix and 1 more 2026-04-16 N/A
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
CVE-1999-1118 1 Sun 1 Solaris 2026-04-16 N/A
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.
CVE-2004-1352 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.
CVE-2004-1357 1 Sun 1 Solaris 2026-04-16 N/A
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
CVE-1999-1158 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.
CVE-1999-1192 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
CVE-2002-0347 1 Sun 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 2026-04-16 N/A
Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.
CVE-1999-1258 1 Sun 1 Sunos 2026-04-16 N/A
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
CVE-2002-0387 1 Sun 1 One Application Server 2026-04-16 N/A
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.
CVE-1999-1371 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
CVE-1999-1388 1 Sun 1 Sunos 2026-04-16 N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVE-2002-0430 1 Sun 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 2026-04-16 N/A
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
CVE-1999-1419 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
CVE-1999-1425 1 Sun 1 Solstice Adminsuite 2026-04-16 N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.
CVE-2002-0436 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.
CVE-1999-1428 1 Sun 1 Solstice Adminsuite 2026-04-16 N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
CVE-1999-1432 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
CVE-1999-1449 1 Sun 1 Sunos 2026-04-16 N/A
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
CVE-1999-1468 4 Cray, Next, Sgi and 1 more 4 Unicos, Next, Irix and 1 more 2026-04-16 N/A
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.