Sun: >> Solaris >> 2.5.1 Security Vulnerabilities
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
CVSS Score
9.8
EPSS Score
0.068
Published
1999-12-31
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
CVSS Score
10.0
EPSS Score
0.059
Published
1999-12-10
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVSS Score
10.0
EPSS Score
0.024
Published
1999-12-09
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
CVSS Score
10.0
EPSS Score
0.031
Published
1999-12-07
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
CVSS Score
2.1
EPSS Score
0.002
Published
1999-12-01
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
CVSS Score
2.1
EPSS Score
0.002
Published
1999-12-01
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
CVSS Score
5.0
EPSS Score
0.038
Published
1999-09-23
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
CVSS Score
4.6
EPSS Score
0.002
Published
1999-09-22
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVSS Score
7.5
EPSS Score
0.073
Published
1999-09-13
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
CVSS Score
7.2
EPSS Score
0.001
Published
1999-09-13