Sun: >> Solaris >> 10.0 Security Vulnerabilities
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers.
CVSS Score
4.3
EPSS Score
0.395
Published
2005-11-01
Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-10-17
Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-10-14
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-09-28
Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-09-20
Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses.
CVSS Score
7.5
EPSS Score
0.016
Published
2005-09-08
traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot).
CVSS Score
4.6
EPSS Score
0.002
Published
2005-06-29
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
CVSS Score
7.2
EPSS Score
0.003
Published
2005-06-29
Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-06-09
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
CVSS Score
5.0
EPSS Score
0.851
Published
2005-04-12