pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.
CVSS Score
10.0
EPSS Score
0.006
Published
2001-05-03
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
CVSS Score
7.2
EPSS Score
0.001
Published
2001-03-26
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-03-12
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-03-12
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
CVSS Score
6.2
EPSS Score
0.002
Published
2001-02-12
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
CVSS Score
1.2
EPSS Score
0.003
Published
2001-02-12
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-12-19
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-11-14
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-06-14
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-05-12