Vulnerabilities > SUN > Sunos > 5.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-09 | CVE-2008-2121 | Configuration vulnerability in SUN Sunos 5.10/5.8/5.9 The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack. | 7.8 |
| 2008-02-29 | CVE-2008-1095 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly. | 6.8 |
| 2007-12-20 | CVE-2007-6482 | Multiple vulnerability in Sun Ray Device Manager Daemon Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 7.8 |
| 2007-12-20 | CVE-2007-6480 | Unspecified vulnerability in SUN Management+Center 3.5Update1/3.6/3.6.1 The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code. | 9.4 |
| 2007-11-14 | CVE-2007-3880 | USE of Externally-Controlled Format String vulnerability in SUN NET Connect Software 3.2.3/3.2.4 Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog. | 7.2 |
| 2007-10-05 | CVE-2007-5225 | Numeric Errors vulnerability in SUN Sunos 5.10/5.8/5.9 Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl. | 4.9 |
| 2007-08-17 | CVE-2007-4395 | Remote Privilege Escalation vulnerability in SUN Sunos 5.8 Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. | 7.6 |
| 2007-08-13 | CVE-2007-4310 | Remote Security vulnerability in SUN Sunos 5.7/5.8/5.9 The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503. network sun | 4.3 |
| 2007-07-12 | CVE-2007-3717 | Local Security vulnerability in SUN Sunos 5.10/5.8/5.9 rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225. local sun | 6.9 |
| 2007-06-06 | CVE-2007-3094 | Remote Privilege Escalation vulnerability in Sun Solaris Management Console Authentication Mechanism Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server. | 9.0 |