Vulnerabilities > SUN

DATE | CVE | VULNERABILITY TITLE | RISK

2009-01-16 | CVE-2008-5908 | Local Security vulnerability in OpenSolaris | 7.2
Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653455.
local, low complexity, sun

2009-01-15 | CVE-2009-0132 | Numeric Errors vulnerability in SUN Opensolaris and Solaris | 4.9
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).
local, low complexity, sun, CWE-189

2009-01-15 | CVE-2009-0131 | Local Denial Of Service vulnerability in Sun OpenSolaris 'posix_fallocate(3C)' System Call | 4.9
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call.
local, low complexity, sun

2009-01-07 | CVE-2009-0069 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris | 4.9
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors.
local, low complexity, sun, CWE-399

2009-01-07 | CVE-2009-0046 | Improper Authentication vulnerability in SUN Grid Engine 5.3 | 5.0
Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
network, low complexity, sun, CWE-287

2008-12-29 | CVE-2008-5746 | Link Following vulnerability in SUN Snmp Management Agent 1.4/1.5.3/1.5.4 | 6.9
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files.
local, sun, CWE-59

2008-12-22 | CVE-2008-5699 | Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris and Solaris | 4.6
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors.
local, low complexity, sun, CWE-264

2008-12-19 | CVE-2008-5690 | Credentials Management vulnerability in SUN Opensolaris and Solaris | 2.1
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.
local, low complexity, sun, CWE-255

2008-12-19 | CVE-2008-5689 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris | 7.2
tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.
local, low complexity, sun, CWE-399

2008-12-19 | CVE-2008-5685 | Unspecified vulnerability in SUN Scapp | critical 10.0
Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), via spoofed IP packets.
network, low complexity, sun