Vulnerabilities > SUN > Sunos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-08-04 | CVE-2008-3450 | Permissions, Privileges, and Access Controls vulnerability in SUN Sunos 5.10/5.8/5.9 Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors. | 7.2 |
| 2008-06-30 | CVE-2008-2946 | Resource Management Errors vulnerability in SUN Solaris and Sunos The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets. | 7.8 |
| 2008-06-16 | CVE-2008-2710 | Numeric Errors vulnerability in SUN Opensolaris, Solaris and Sunos Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. | 7.2 |
| 2008-05-09 | CVE-2008-2121 | Configuration vulnerability in SUN Sunos 5.10/5.8/5.9 The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack. | 7.8 |
| 2007-12-20 | CVE-2007-6482 | Multiple vulnerability in Sun Ray Device Manager Daemon Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 7.8 |
| 2007-11-14 | CVE-2007-3880 | USE of Externally-Controlled Format String vulnerability in SUN NET Connect Software 3.2.3/3.2.4 Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog. | 7.2 |
| 2007-08-17 | CVE-2007-4395 | Remote Privilege Escalation vulnerability in SUN Sunos 5.8 Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. | 7.6 |
| 2007-06-14 | CVE-2007-3223 | Denial of Service vulnerability in Sun Solaris NFS Server XDR Handling Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions. | 7.8 |
| 2007-05-09 | CVE-2007-2529 | Local Denial Of Service vulnerability in Sun Solaris ACE_SETACL Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL. | 7.2 |
| 2007-02-23 | CVE-2006-7028 | Denial-Of-Service vulnerability in Solaris Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. | 7.8 |