| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
| Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors. |
| Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766. |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
| Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. |
| Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. |
| The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters. |
| Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. |
| Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event. |
| pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password. |
| Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. |
| Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. |
| service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. |
