Vulnerabilities > SUN > Sunos > 5.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-06-12 | CVE-2012-0217 | Buffer Errors vulnerability in Freebsd The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. | 7.2 |
2003-04-02 | CVE-2003-0161 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. | 10.0 |
2001-12-31 | CVE-2001-1583 | OS Command Injection vulnerability in SUN Sunos lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. | 10.0 |
2001-12-12 | CVE-2001-0797 | Buffer Overflow vulnerability in Multiple Vendor System V Derived 'login' Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | 10.0 |
2001-10-30 | CVE-2001-0652 | Heap Overflow vulnerability in Solaris xlock Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. | 7.2 |
2001-08-14 | CVE-2001-0565 | Buffer Overflow vulnerability in SUN Solaris and Sunos Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option. | 4.6 |
2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
2001-07-02 | CVE-2001-0422 | Buffer Overflow vulnerability in SUN Solaris and Sunos Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. | 7.2 |
2001-07-02 | CVE-2001-0421 | Unspecified vulnerability in SUN Solaris and Sunos FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. | 6.4 |
2001-06-22 | CVE-2001-1328 | Unspecified vulnerability in SUN Sunos Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code. | 7.5 |