Vulnerabilities > SUN > Sunos > 5.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1871 | Unspecified vulnerability in SUN Solaris and Sunos pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | 7.2 |
| 2002-12-31 | CVE-2002-1763 | Authentication Bypass vulnerability in SUN Sunos 5.8 The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. | 4.6 |
| 2002-12-23 | CVE-2002-1296 | Local Root vulnerability in Solaris priocntl() System Call Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | 7.2 |
| 2002-12-11 | CVE-2002-1323 | Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls. | 4.6 |
| 2002-12-11 | CVE-2002-1317 | Remote Buffer Overrun vulnerability in Multiple Vendor X Font Server Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. | 7.5 |
| 2002-12-04 | CVE-2002-1587 | Denial of Service vulnerability in Sun Solaris Libthread Library The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a denial of service (hang) of an application that uses libthread by causing the application to wait for a certain mutex. | 2.1 |
| 2002-12-03 | CVE-2002-1586 | Denial Of Service vulnerability in Sun Solaris System Panic Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting the sd_struiowrq variable in the struioget function to null, which triggers a null dereference. | 2.1 |
| 2002-11-08 | CVE-2002-1585 | Denial Of Service vulnerability in Sun Solaris Network Interface Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers to cause a denial of service via certain packets that cause some network interfaces to stop responding to TCP traffic. | 5.0 |
| 2002-10-29 | CVE-2002-1590 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service. | 7.2 |
| 2002-10-28 | CVE-2002-1228 | Remote Denial of Service vulnerability in Solaris NFS lockd Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon. | 5.0 |