| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| Denial of service in BIND named via malformed SIG records. |
| Denial of service in Linux syslogd via a large number of connections. |
| Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. |
| Buffer overflow in Solaris dtprintinfo program. |
| Buffer overflow in Solaris lpset program allows local users to gain root access. |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
| The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. |
| A version of rusers is running that exposes valid user information to any entity on the network. |
| An SNMP community name is the default (e.g. public), null, or missing. |
| A Unix account has a default, null, blank, or missing password. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| Solaris ff.core allows local users to modify files. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
