Sun: >> Solaris >> 9.0 Security Vulnerabilities
Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang).
CVSS Score
2.1
EPSS Score
0.001
Published
2003-03-05
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVSS Score
7.5
EPSS Score
0.009
Published
2003-03-03
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
CVSS Score
5.0
EPSS Score
0.193
Published
2003-02-19
Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated.
CVSS Score
5.0
EPSS Score
0.011
Published
2003-02-18
Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users.
CVSS Score
1.2
EPSS Score
0.001
Published
2003-02-11
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
CVSS Score
5.0
EPSS Score
0.652
Published
2003-02-07
Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.
CVSS Score
5.0
EPSS Score
0.009
Published
2003-01-27
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.
CVSS Score
2.1
EPSS Score
0.003
Published
2003-01-03
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-12-31
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
CVSS Score
7.2
EPSS Score
0.0
Published
2002-12-23