Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-09-09 | CVE-2003-1081 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. | 10.0 |
| 2003-08-27 | CVE-2003-0676 | Directory Traversal vulnerability in SUN Iplanet Directory Server and ONE Directory Server Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | 5.0 |
| 2003-08-27 | CVE-2003-0669 | Denial-Of-Service vulnerability in Solaris Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users. | 1.2 |
| 2003-08-27 | CVE-2003-0609 | Unspecified vulnerability in SUN Solaris and Sunos Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. | 7.2 |
| 2003-08-27 | CVE-2003-0466 | Off-by-one Error vulnerability in multiple products Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | 9.8 |
| 2003-08-20 | CVE-2003-1063 | Unspecified vulnerability in SUN Solaris and Sunos The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. | 7.5 |
| 2003-07-23 | CVE-2003-1065 | Denial of Service vulnerability in SUN Sunos 5.8 Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash). | 2.1 |
| 2003-07-23 | CVE-2003-1064 | Denial of Service vulnerability in Sun Solaris IPv6 Packet Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. | 5.0 |
| 2003-07-03 | CVE-2003-1055 | Buffer Overflow vulnerability in SUN Solaris and Sunos Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup. | 7.2 |
| 2003-06-30 | CVE-2003-0414 | Unspecified vulnerability in SUN ONE Application Server 7.0 The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile. | 7.2 |