Vulnerabilities > SUN

DATE CVE VULNERABILITY TITLE RISK
2004-08-18 CVE-2004-0523 Principal Name Buffer Overrun vulnerability in MIT Kerberos 5 KRB5_AName_To_Localname
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
network
low complexity
mit sgi sun tinysofa
critical
10.0
2004-08-10 CVE-2004-1347 Denial Of Service vulnerability in Sun Solaris XDMCP
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request.
network
low complexity
sun
5.0
2004-08-06 CVE-2004-0654 Denial Of Service vulnerability in Sun Solaris Basic Security Module Auditing
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
local
low complexity
sun
2.1
2004-08-06 CVE-2004-0653 Unspecified vulnerability in SUN Solaris 9.0
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other users' passwords by reading log files.
local
low complexity
sun
2.1
2004-08-06 CVE-2004-0651 Remote Denial Of Service vulnerability in Sun Java Runtime Environment
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).
network
low complexity
sun
5.0
2004-07-27 CVE-2004-0742 Privilege Escalation vulnerability in SUN Java System Calendar Server 6.2
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
network
low complexity
sun
critical
10.0
2004-07-27 CVE-2004-0701 Unspecified vulnerability in SUN RAY Server Software 1.3/2.0
Sun Ray Server Software (SRSS) 1.3 and 2.0 for Solaris 2.6, 7 and 8 does not properly detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which could cause a user session to stay logged in and allow local users to gain unauthorized access.
local
low complexity
sun
4.6
2004-06-21 CVE-2004-1345 Privilege Escalation vulnerability in SUN products
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
local
low complexity
sun
7.2
2004-06-19 CVE-2004-1346 Denial Of Service vulnerability in SUN Solaris 9.0
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
local
low complexity
sun
2.1
2004-05-14 CVE-2004-1354 Path Traversal vulnerability in SUN Solaris and Sunos
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack.
network
low complexity
sun CWE-22
5.0