Sun: >> Solaris >> 10 Security Vulnerabilities
Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.
CVSS Score
6.8
EPSS Score
0.014
Published
2008-04-14
Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors.
CVSS Score
4.6
EPSS Score
0.001
Published
2008-04-14
Multiple unspecified vulnerabilities in HP Select Identity 4.00, 4.01, 4.11, 4.12, 4.13, and 4.20 allow remote authenticated users to access other user accounts via unknown vectors, a different issue than CVE-2008-0214.
CVSS Score
5.5
EPSS Score
0.003
Published
2008-04-07
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file.
CVSS Score
4.7
EPSS Score
0.0
Published
2008-04-06
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
CVSS Score
4.3
EPSS Score
0.121
Published
2008-03-24
Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash.
CVSS Score
6.3
EPSS Score
0.0
Published
2008-03-17
Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues.
CVSS Score
4.9
EPSS Score
0.0
Published
2008-03-13
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors.
CVSS Score
7.8
EPSS Score
0.005
Published
2008-03-11
Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.0
Published
2008-03-08
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
CVSS Score
6.8
EPSS Score
0.007
Published
2008-02-29