Search Results (1712 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0696 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.
CVE-2000-0697 1 Sun 1 Solaris Answerbook2 2026-04-16 N/A
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.
CVE-2004-1351 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.
CVE-2004-1394 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
CVE-2001-1076 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.
CVE-2001-1075 1 Sun 1 Cobalt Raq 3i 2026-04-16 N/A
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2026-04-16 N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-2000-0844 13 Caldera, Conectiva, Debian and 10 more 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more 2026-04-16 N/A
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-1999-0210 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
CVE-2000-1075 2 Netscape, Sun 2 Directory Server, Iplanet Certificate Management System 2026-04-16 N/A
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
CVE-2000-1076 2 Netscape, Sun 2 Directory Server, Iplanet Certificate Management System 2026-04-16 N/A
Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.
CVE-2004-1503 1 Sun 1 Jre 2026-04-16 N/A
Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative.
CVE-2002-0085 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
CVE-2002-0088 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
CVE-2002-0089 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
CVE-2002-0090 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.
CVE-2005-0248 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.
CVE-2003-1060 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.
CVE-2005-0471 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names.
CVE-2001-0059 1 Sun 1 Sunos 2026-04-16 N/A
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.