The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
CVSS Score
7.2
EPSS Score
0.003
Published
1999-09-13
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
CVSS Score
7.2
EPSS Score
0.008
Published
1999-09-13
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-09-13
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
CVSS Score
7.2
EPSS Score
0.006
Published
1999-09-08
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
CVSS Score
7.5
EPSS Score
0.391
Published
1999-08-11
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVSS Score
7.2
EPSS Score
0.004
Published
1999-08-09
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-08-09
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
CVSS Score
10.0
EPSS Score
0.056
Published
1999-07-01
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-06-10
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-06-09