Vulnerabilities > SUN > Solaris > 2.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-01-03 | CVE-2003-1071 | Unspecified vulnerability in SUN Solaris and Sunos rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. | 2.1 |
2002-12-31 | CVE-2002-2203 | Unspecified vulnerability in SUN Solaris and Sunos Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. | 4.9 |
2002-12-31 | CVE-2002-1980 | Local Buffer Overflow vulnerability in Sun Solaris Volume Manager Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. | 7.2 |
2002-12-31 | CVE-2002-1871 | Unspecified vulnerability in SUN Solaris and Sunos pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | 7.2 |
2002-12-27 | CVE-2002-1584 | Privilege Escalation vulnerability in Sun Solaris RPC AUTH_DES Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. | 10.0 |
2002-12-23 | CVE-2002-1345 | Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. | 5.0 |
2002-12-23 | CVE-2002-1296 | Local Root vulnerability in Solaris priocntl() System Call Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | 7.2 |
2002-12-11 | CVE-2002-1317 | Remote Buffer Overrun vulnerability in Multiple Vendor X Font Server Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | 7.5 |
2002-12-04 | CVE-2002-1587 | Denial of Service vulnerability in Sun Solaris Libthread Library The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | 2.1 |
2002-12-03 | CVE-2002-1586 | Denial Of Service vulnerability in Sun Solaris System Panic Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. | 2.1 |