| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| The SunView (SunTools) selection_svc facility allows remote users to read files. |
| Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data. |
| Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors. |
| Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. |
| The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. |
| NFS allows attackers to read and write any file on the system by specifying a false UID. |
| rpc.admind in Solaris is not running in a secure mode. |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. |
| NFS allows users to use a "cd .." command to access other directories besides the exported file system. |
| a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. |
| NFS cache poisoning. |
| rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. |
| /usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
