Sun: >> Solaris Security Vulnerabilities
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
CVSS Score
4.6
EPSS Score
0.001
Published
1998-11-12
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.
CVSS Score
10.0
EPSS Score
0.009
Published
1998-11-02
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
CVSS Score
10.0
EPSS Score
0.038
Published
1998-10-01
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
CVSS Score
7.5
EPSS Score
0.006
Published
1998-09-01
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.
CVSS Score
7.5
EPSS Score
0.013
Published
1998-08-31
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
CVSS Score
7.2
EPSS Score
0.001
Published
1998-08-01
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
CVSS Score
7.5
EPSS Score
0.03
Published
1998-07-16
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.
CVSS Score
10.0
EPSS Score
0.005
Published
1998-07-15
Sun's ftpd daemon can be subjected to a denial of service.
CVSS Score
5.0
EPSS Score
0.006
Published
1998-06-10
Buffer overflow in NIS+, in Sun's rpc.nisd program.
CVSS Score
10.0
EPSS Score
0.04
Published
1998-06-08