CVE-2010-4435 – Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4435
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10.
• https://www.exploit-db.com/exploits/16137
• http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02702395
• http://osvdb.org/70569
• http://secunia.com/advisories/42984
• http://secunia.com/advisories/43258
• http://securityreason.com/securityalert/8069
• http://www.exploit-db.com/exploits/16137
• http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
• http://www.securityfocus.com/archive/1/516284
CVE-2010-4415
https://notcve.org/view.php?id=CVE-2010-4415
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to libc.
• http://secunia.com/advisories/42984
• http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
• http://www.securityfocus.com/bid/45904
• http://www.securitytracker.com/id?1024975
• http://www.vupen.com/english/advisories/2011/0151
• https://exchange.xforce.ibmcloud.com/vulnerabilities/64803
CVE-2010-3586
https://notcve.org/view.php?id=CVE-2010-3586
Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integrity via unknown vectors related to XScreenSaver.
• http://secunia.com/advisories/42984
• http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
• http://www.securityfocus.com/bid/45903
• http://www.securitytracker.com/id?1024975
• http://www.vupen.com/english/advisories/2011/0151
• https://exchange.xforce.ibmcloud.com/vulnerabilities/64805
CVE-2010-2632 – libc/glob - Resource Exhaustion / Remote ftpd-anonymous (Denial of Service)
https://notcve.org/view.php?id=CVE-2010-2632
Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames. FreeBSD version 9.1 suffers from a remote ftpd denial of service vulnerability.
• https://www.exploit-db.com/exploits/15215
• http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598
• http://secunia.com/advisories/42984
• http://secunia.com/advisories/43433
• http://secunia.com/advisories/55212
• http://securityreason.com/achievement_securityalert/89
• http://securityreason.com/achievement_securityalert/97
• http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
• http://www.securitytracker.com/id?1024975
• http://www.vupen.com/english/advisories/2011/0151
• https:/
CVE-2009-4080
https://notcve.org/view.php?id=CVE-2009-4080
Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, and OpenSolaris before snv_78, allow local users to cause a denial of service (daemon crash) via vectors involving multiple serviceSearchDescriptor attributes and a call to the getldap_lookup function, and unspecified other vectors.
• http://osvdb.org/60514
• http://secunia.com/advisories/37505
• http://secunia.com/advisories/37506
• http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-69-1
• http://sunsolve.sun.com/search/document.do?assetkey=1-66-231402-1
• http://www.securityfocus.com/bid/37129
• http://www.securitytracker.com/id?1023239
• http://www.vupen.com/english/advisories/2009/3336