| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. |
| Land IP denial of service. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Buffer overflow in statd allows root privileges. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| Buffer overflows in Sun libnsl allow root access. |
| Buffer overflow in Sun's ping program can give root access to local users. |
| Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| Solaris ufsrestore buffer overflow. |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
| Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. |
