Sun: >> Solaris >> 2.4 Security Vulnerabilities
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
CVSS Score
7.2
EPSS Score
0.002
Published
1997-01-06
aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.
CVSS Score
7.2
EPSS Score
0.001
Published
1996-12-20
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
CVSS Score
4.6
EPSS Score
0.001
Published
1996-12-03
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
CVSS Score
2.1
EPSS Score
0.004
Published
1996-08-15
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
CVSS Score
4.6
EPSS Score
0.002
Published
1996-08-03
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.014
Published
1995-10-19
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
CVSS Score
2.1
EPSS Score
0.001
Published
1993-10-01
Page 10