CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN » Solaris » 8.0 * Sparc * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2008-3870 189 Exec Code Overflow 2009-05-26 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.
2 CVE-2008-3869 119 Exec Code Overflow 2009-05-26 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.
3 CVE-2007-6180 362 DoS 2007-11-30 2017-07-29
7.6
None Local Network Medium Not required Partial Complete Complete
Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors.
4 CVE-2007-5632 DoS 2007-10-23 2017-09-29
4.9
None Local Low Not required None None Complete
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions.
5 CVE-2007-5462 20 DoS 2007-10-15 2017-07-29
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.
6 CVE-2007-5365 119 DoS Exec Code Overflow 2007-10-11 2018-10-15
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
7 CVE-2007-5132 362 DoS 2007-09-27 2017-09-29
4.9
None Local Low Not required None None Complete
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."
8 CVE-2007-5118 DoS 2007-09-27 2017-09-29
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.
9 CVE-2007-4732 20 DoS 2007-09-06 2017-09-29
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.
10 CVE-2007-4070 2007-07-30 2017-09-29
4.9
None Local Low Not required Complete None None
Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.
11 CVE-2007-3471 Exec Code Overflow 2007-06-28 2017-09-29
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
12 CVE-2007-3458 DoS 2007-06-27 2017-10-11
4.9
None Local Low Not required None None Complete
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
13 CVE-2007-3283 2007-06-19 2017-10-11
6.8
None Local Low ??? Complete Complete Complete
GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
14 CVE-2006-5215 2006-10-10 2018-10-30
2.6
None Local High Not required Partial Partial None
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file.
15 CVE-2006-5012 DoS 2006-09-27 2018-10-30
6.6
None Local Low Not required None Complete Complete
Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.
16 CVE-2006-4655 Overflow +Priv 2006-09-09 2018-10-17
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
17 CVE-2006-4319 Exec Code Overflow 2006-08-24 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
18 CVE-2006-3664 DoS 2006-07-18 2018-10-30
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.
19 CVE-2002-0158 Overflow +Priv 2002-04-02 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.
20 CVE-2002-0089 Overflow +Priv 2002-03-15 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
21 CVE-2002-0088 Overflow +Priv 2002-03-15 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
22 CVE-2002-0085 DoS 2002-03-15 2018-10-30
5.0
None Remote Low Not required None None Partial
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
23 CVE-2002-0084 Overflow +Priv 2002-03-15 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
24 CVE-2002-0033 Exec Code Overflow 2002-05-29 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
25 CVE-2001-0565 Overflow +Priv 2001-08-14 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
26 CVE-2001-0526 Overflow +Priv 2001-08-14 2018-05-03
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
Total number of vulnerabilities : 26   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.