| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| NFS cache poisoning. |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| The passwd command in Solaris can be subjected to a denial of service. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information. |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |
| Solaris volrmmount program allows attackers to read any file. |
| nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. |
| Buffer overflow in SunOS/Solaris ps command. |
| SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| Buffer overflow in Solaris fdformat command gives root access to local users. |
