Vulnerabilities > SUN > Opensolaris > snv.43
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-03-11 | CVE-2009-0872 | Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris and Solaris The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. | 6.8 |
2009-03-10 | CVE-2009-0870 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. | 4.7 |
2009-02-09 | CVE-2009-0480 | Numeric Errors vulnerability in SUN Opensolaris and Solaris The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. | 4.9 |
2009-01-29 | CVE-2009-0346 | Cryptographic Issues vulnerability in SUN Opensolaris and Solaris The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | 4.9 |
2009-01-28 | CVE-2009-0319 | Local Code Execution vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." local sun | 6.9 |
2009-01-27 | CVE-2009-0304 | Remote Denial of Service vulnerability in SUN Opensolaris and Solaris The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. | 7.8 |
2009-01-26 | CVE-2009-0268 | Race Condition vulnerability in SUN Opensolaris and Solaris Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. | 4.9 |
2009-01-26 | CVE-2009-0267 | Improper Input Validation vulnerability in SUN Opensolaris and Solaris libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. | 5.0 |
2009-01-15 | CVE-2009-0131 | Local Denial Of Service vulnerability in Sun OpenSolaris 'posix_fallocate(3C)' System Call The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call. | 4.9 |
2009-01-07 | CVE-2009-0069 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. | 4.9 |