CVE-2006-6495
https://notcve.org/view.php?id=CVE-2006-6495
13 Dec 2006 — Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=450 •
CVE-2006-6494
https://notcve.org/view.php?id=CVE-2006-6494
13 Dec 2006 — Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=449 •
CVE-2006-6275
https://notcve.org/view.php?id=CVE-2006-6275
04 Dec 2006 — Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals. • http://secunia.com/advisories/23187 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2006-5215
https://notcve.org/view.php?id=CVE-2006-5215
09 Oct 2006 — The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. • http://secunia.com/advisories/22992 •
CVE-2006-5214
https://notcve.org/view.php?id=CVE-2006-5214
09 Oct 2006 — Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users. • http://secunia.com/advisories/22323 •
CVE-2006-5201
https://notcve.org/view.php?id=CVE-2006-5201
09 Oct 2006 — Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and o... • http://secunia.com/advisories/22204 •
CVE-2006-5073
https://notcve.org/view.php?id=CVE-2006-5073
29 Sep 2006 — Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. • http://secunia.com/advisories/22132 •
CVE-2006-5012
https://notcve.org/view.php?id=CVE-2006-5012
27 Sep 2006 — Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors. • http://secunia.com/advisories/22083 •
CVE-2006-4655 – X11R6 < 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4655
09 Sep 2006 — Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value. • https://www.exploit-db.com/exploits/2332 •
CVE-2006-4319
https://notcve.org/view.php?id=CVE-2006-4319
24 Aug 2006 — Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. • http://secunia.com/advisories/21581 •