Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-10-30 | CVE-2001-0652 | Heap Overflow vulnerability in Solaris xlock Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. | 7.2 |
| 2001-10-09 | CVE-2001-1414 | Unspecified vulnerability in SUN Solaris and Sunos The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root. | 7.5 |
| 2001-09-20 | CVE-2001-0701 | Buffer Overflow vulnerability in Solaris PTExec Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. | 7.2 |
| 2001-09-20 | CVE-2001-0699 | Buffer Overflow vulnerability in SUN Sunos 5.8 Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. | 7.2 |
| 2001-09-20 | CVE-2001-0686 | Buffer Overflow vulnerability in SUN Solaris 5.8/8.0 Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable. | 4.6 |
| 2001-08-31 | CVE-2001-1066 | Symbolic Link vulnerability in Netscape 6 Temp File ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
| 2001-08-31 | CVE-2001-1008 | Unspecified vulnerability in SUN Java Plug-In and JRE Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate. | 7.5 |
| 2001-08-22 | CVE-2001-0634 | Unspecified vulnerability in SUN Chilisoft 3.5.2 Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service. | 7.2 |
| 2001-08-22 | CVE-2001-0633 | Directory Traversal vulnerability in SUN Chilisoft 3.5.2 Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'. | 5.0 |
| 2001-08-22 | CVE-2001-0632 | Remote Security vulnerability in SUN Chilisoft 3.5.2/3.6 Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. | 7.5 |