Vulnerabilities > SUN > Sunos > 5.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0816 | Local Buffer Overflow vulnerability in Sun Solaris NewGRP Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | 7.2 |
| 2005-05-02 | CVE-2005-0426 | Local Denial Of Service vulnerability in Sun Solaris UDP Processing Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference. | 5.0 |
| 2005-05-02 | CVE-2005-0248 | Unspecified vulnerability in SUN Solaris and Sunos The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. | 7.5 |
| 2005-04-12 | CVE-2004-0791 | Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. | 5.0 |
| 2005-04-12 | CVE-2004-0790 | Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. | 5.0 |
| 2005-02-23 | CVE-2004-0481 | Unspecified vulnerability in SUN Solaris and Sunos The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. | 2.1 |
| 2005-02-15 | CVE-2005-0447 | Remote Denial Of Service vulnerability in Sun Solaris ARP Handling Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. | 5.0 |
| 2004-12-31 | CVE-2004-2686 | Path Traversal vulnerability in SUN Solaris and Sunos Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. | 7.2 |
| 2004-12-31 | CVE-2004-2306 | Unspecified vulnerability in SUN Solaris and Sunos Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection. | 4.6 |
| 2004-12-31 | CVE-2004-1767 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. | 7.2 |