Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-28 | CVE-2002-1228 | Remote Denial of Service vulnerability in Solaris NFS lockd Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | 5.0 |
| 2002-10-28 | CVE-2002-1199 | Local File Disclosure vulnerability in ypxfrd The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | 5.0 |
| 2002-10-24 | CVE-2002-1589 | Denial Of Service vulnerability in Sun Solaris 8 KMEM_FLAGS Kernel Parameter Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). | 2.1 |
| 2002-10-04 | CVE-2002-1042 | Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | 5.0 |
| 2002-10-04 | CVE-2002-1034 | Unspecified vulnerability in SUN I-Runbook 2.5.2 none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument. | 10.0 |
| 2002-10-04 | CVE-2002-1033 | Unspecified vulnerability in SUN I-Runbook 2.5.2 Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via a "..:" sequence (dot-dot variant) in the argument. | 5.0 |
| 2002-10-04 | CVE-2002-0994 | Unspecified vulnerability in SUN PCI II Driver 2.3 SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications. | 7.5 |
| 2002-10-04 | CVE-2002-0885 | Multiple vulnerability in Multiple Vendor In.Rarpd Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error. | 7.5 |
| 2002-10-04 | CVE-2002-0884 | Multiple vulnerability in Multiple Vendor In.Rarpd Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error. | 7.5 |
| 2002-09-05 | CVE-2002-0679 | Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | 10.0 |