Vulnerabilities
Vulnerable Software
Sun:  >> Solaris  >> 2.4  Security Vulnerabilities
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
CVSS Score
10.0
EPSS Score
0.031
Published
1999-12-07
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
CVSS Score
4.6
EPSS Score
0.002
Published
1999-09-22
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVSS Score
7.5
EPSS Score
0.073
Published
1999-09-13
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
CVSS Score
7.2
EPSS Score
0.004
Published
1999-09-13
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-08-09
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-06-09
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
CVSS Score
7.5
EPSS Score
0.068
Published
1999-06-07
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-02-10
rpc.admind in Solaris is not running in a secure mode.
CVSS Score
10.0
EPSS Score
0.005
Published
1999-01-01
The passwd command in Solaris can be subjected to a denial of service.
CVSS Score
7.2
EPSS Score
0.001
Published
1998-12-17


Contact Us

Shodan ® - All rights reserved