Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-06-18
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
CVSS Score
7.2
EPSS Score
0.001
Published
2001-03-26
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-03-12
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-03-12
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-11-14
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-06-14
Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-01-06
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVSS Score
10.0
EPSS Score
0.01
Published
1999-12-09
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
CVSS Score
10.0
EPSS Score
0.031
Published
1999-12-07
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
CVSS Score
4.6
EPSS Score
0.002
Published
1999-09-22