Vulnerabilities > SUN > Sunos > 5.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-08-13 | CVE-2008-3666 | Local Denial of Service vulnerability in SUN Opensolaris, Solaris and Sunos Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library. network sun | 7.1 |
| 2008-08-08 | CVE-2008-0965 | USE of Externally-Controlled Format String vulnerability in SUN Opensolaris, Solaris and Sunos Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. | 9.3 |
| 2008-08-08 | CVE-2008-0964 | Buffer Errors vulnerability in SUN Opensolaris, Solaris and Sunos Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | 9.3 |
| 2008-08-04 | CVE-2008-3450 | Permissions, Privileges, and Access Controls vulnerability in SUN Sunos 5.10/5.8/5.9 Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors. | 7.2 |
| 2008-07-31 | CVE-2008-3426 | Local Denial of Service vulnerability in SUN Opensolaris, Solaris and Sunos Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru. | 2.1 |
| 2008-06-30 | CVE-2008-2946 | Resource Management Errors vulnerability in SUN Solaris and Sunos The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets. | 7.8 |
| 2008-06-16 | CVE-2008-2708 | Kernel Denial of Service vulnerability in Sun Solaris 10 and OpenSolaris Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files. | 4.9 |
| 2008-06-10 | CVE-2008-0960 | Improper Authentication vulnerability in Juniper Session and Resource Control and SRC PE SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. | 10.0 |
| 2008-06-05 | CVE-2008-2552 | Resource Management Errors vulnerability in SUN Service TAG Unspecified vulnerability in the Service Tag Registry on Sun Solaris 10, and Sun Service Tag before 1.1.3, allows local users to cause a denial of service (disk consumption) via unspecified vectors. | 4.9 |
| 2008-05-12 | CVE-2008-2144 | Remote Code Execution vulnerability in SUN Sunos 5.10/5.8/5.9 Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors. | 10.0 |