Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-09 | CVE-2009-0480 | Numeric Errors vulnerability in SUN Opensolaris and Solaris The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. | 4.9 |
| 2009-02-08 | CVE-2009-0477 | Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. | 7.2 |
| 2009-02-02 | CVE-2008-6024 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. | 5.4 |
| 2009-01-29 | CVE-2009-0348 | Information Exposure vulnerability in SUN Java System Access Manager 6.32005Q1/7.1/72005Q4 The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. | 5.0 |
| 2009-01-29 | CVE-2009-0346 | Cryptographic Issues vulnerability in SUN Opensolaris and Solaris The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | 4.9 |
| 2009-01-29 | CVE-2009-0345 | Permissions, Privileges, and Access Controls vulnerability in SUN Fire X2100 M2 and Fire X2200 M2 Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6648082, a different vulnerability than CVE-2007-5717. | 10.0 |
| 2009-01-29 | CVE-2009-0344 | Permissions, Privileges, and Access Controls vulnerability in SUN Fire X2100 M2 and Fire X2200 M2 Unspecified vulnerability in the Embedded Lights Out Manager (ELOM) on the Sun Fire X2100 M2 and X2200 M2 x86 platforms before SP/BMC firmware 3.20 allows remote attackers to obtain privileged ELOM login access or execute arbitrary Service Processor (SP) commands via unknown vectors, aka Bug ID 6633175, a different vulnerability than CVE-2007-5717. | 10.0 |
| 2009-01-28 | CVE-2009-0319 | Local Code Execution vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." local sun | 6.9 |
| 2009-01-27 | CVE-2009-0304 | Remote Denial of Service vulnerability in SUN Opensolaris and Solaris The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. | 7.8 |
| 2009-01-27 | CVE-2009-0278 | Information Exposure vulnerability in SUN Java System Application Server 8.1/8.2 Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request. | 5.0 |