| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. |
| The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. |
| Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. |
| Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. |
| Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). |
| Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. |
| Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. |
| Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege. |
