Vulnerabilities > SUN > Sunos > 5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | 10.0 |
2000-06-14 | CVE-2000-0471 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. | 7.2 |
2000-01-06 | CVE-2000-0055 | Buffer Overflow vulnerability in SUN Solaris and Sunos Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. | 7.2 |
1999-12-10 | CVE-1999-0977 | Authentication vulnerability in Solaris sadmind Disabled Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. | 10.0 |
1999-12-09 | CVE-1999-0974 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. | 10.0 |
1999-12-07 | CVE-1999-0973 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | 10.0 |
1999-09-22 | CVE-1999-0786 | Unspecified vulnerability in SUN Solaris and Sunos The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. | 4.6 |
1999-09-13 | CVE-1999-0691 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | 7.2 |
1999-09-13 | CVE-1999-0689 | The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. | 7.2 |
1999-09-13 | CVE-1999-0687 | The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | 7.5 |