CVE-2009-0268
https://notcve.org/view.php?id=CVE-2009-0268
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. Una condición de carrera en el pseudo-terminal (alias PTY) en el módulo controlador de Sun Solaris 8 a 10, y OpenSolaris en versiones anteriores a la snv_103, permite a usuarios locales provocar una denegación de servicio (con un panic del kernel) a través de vectores no especificados relacionados con la falta de "código correctamente secuenciado" en PTC y PTSL. • http://secunia.com/advisories/33708 http://sunsolve.sun.com/search/document.do?assetkey=1-21-113685-07-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-249586-1 http://support.avaya.com/elmodocs2/security/ASA-2009-034.htm http://www.securityfocus.com/bid/33406 http://www.securitytracker.com/id?1021640 https://exchange.xforce.ibmcloud.com/vulnerabilities/48179 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6061 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2009-0267
https://notcve.org/view.php?id=CVE-2009-0267
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. libike en Sun Solaris v9 y v10, y OpenSolaris anteriores a snv_100, no chequean los paquetes de forma apropiada, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio in.iked) a través de paquetes IKE no especificados, es una vulnerabilidad distinta a CVE-2007-2989 • http://secunia.com/advisories/33702 http://sunsolve.sun.com/search/document.do?assetkey=1-21-113451-15-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-247406-1 http://support.avaya.com/elmodocs2/security/ASA-2009-032.htm http://www.securityfocus.com/bid/33407 https://exchange.xforce.ibmcloud.com/vulnerabilities/48178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6116 • CWE-20: Improper Input Validation •
CVE-2009-0131
https://notcve.org/view.php?id=CVE-2009-0131
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call. La implementacion UFS en el Kernel de Sun OpenSolaris snv_29 hasta la snv_90 permite a usuarios locales producir una denegacion de servicio (produciendo un panic) a traves de la prueba unica posix_fallocate en el conjunto de pruebas SUSv3 POSIX, relacionado con una llamada F_ALLOCSP fcntl. • http://bugs.opensolaris.org/view_bug.do?bug_id=6711995 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239188-1 http://www.securityfocus.com/bid/33267 http://www.securitytracker.com/id?1021600 •
CVE-2009-0069
https://notcve.org/view.php?id=CVE-2009-0069
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. Vulnerabilidad no especificada en la función nfs4rename_persistent_fh en el cliente NFS 4 (también conocido como NFSv4) en el kernel en Sun Solaris 10 y OpenSolaris antes de snv_102 permite a usuarios locales provocar una denegación de servicio (mutex_enter recursivo y panic) mediante vectores no especificados. • http://mail.opensolaris.org/pipermail/onnv-notify/2008-October/015342.html http://secunia.com/advisories/33361 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139466-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-248566-1 http://www.securityfocus.com/bid/33128 http://www.securitytracker.com/id?1021519 http://www.vupen.com/english/advisories/2009/0030 https://exchange.xforce.ibmcloud.com/vulnerabilities/47750 • CWE-399: Resource Management Errors •
CVE-2008-5699
https://notcve.org/view.php?id=CVE-2008-5699
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors. El Demonio de Caché del Servicio de Nombres (ncsd) en Sun Solaris 10 y OpenSolaris snv_50 hasta snv_104 no comprueba adecuadamente los permisos, esto permite a usuarios locales obtener privilegios e información sensible a través de vectores no especificados. • http://osvdb.org/50934 http://secunia.com/advisories/33218 http://securitytracker.com/id?1021477 http://sunsolve.sun.com/search/document.do?assetkey=1-26-242006-1 http://www.securityfocus.com/bid/32921 • CWE-264: Permissions, Privileges, and Access Controls •