CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2009-4211 – DISA STIG SRR Still Vulnerable
https://notcve.org/view.php?id=CVE-2009-4211
The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program. El script Security Readiness Review (SRR) de la U.S. Defense Information Systems Agency (DISA) para la plataforma Solaris x86 ejecuta ficheros como root en directorios elegidos para nombres de fichero iguales a (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, o (7) wireshark, permitiendo a usuarios locales ganar privilegios mediante un programa troyano. Running DISA SRR scripts against your server can get you easily rooted. • http://securitytracker.com/id?1023265 http://www.kb.cert.org/vuls/id/433821 http://www.securityfocus.com/archive/1/508188/100/0/threaded http://www.securityfocus.com/bid/37200 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2009-4187
https://notcve.org/view.php?id=CVE-2009-4187
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados(XSS) en el componente Gateway en Sun Java System Portal Server v6.3.1, v7.1, y v7.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria. • http://securitytracker.com/id?1023260 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1 http://www.securityfocus.com/bid/37186 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2009-4191
https://notcve.org/view.php?id=CVE-2009-4191
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad inespecífica en el kernel en Sun Solaris v10 y OpenSolaris v2009.06 en plataformas x86-64 permite a usuarios locales ganar privilegios a traves de vectores desconocidos, como se demuestra en el modulo vd_sol_local en VulnDisco Pack Professional v8.12. NOTA: Como en 20091203, esta divulgacion no tiene informacion determinante. • http://www.intevydis.com/blog/?p=79 http://www.intevydis.com/vd-list.shtml •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-4190
https://notcve.org/view.php?id=CVE-2009-4190
Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service (panic) via unknown vectors, as demonstrated by the vd_solaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad inespecífica en el kernel en Sun OpenSolaris 2009.06 permite a atacantes remotos producir una denegación de servicio (panic) a traves de vectores desconocidos, como se demuestra con el modulo vd_solaris2 en VulnDisco Pack Professional v8.12. NOTA: como en 20091203, esta información no contiene información relevante. • http://www.intevydis.com/blog/?p=79 http://www.intevydis.com/vd-list.shtml •
CVSS: 2.1EPSS: 0%CPEs: 78EXPL: 0CVE-2009-4080
https://notcve.org/view.php?id=CVE-2009-4080
Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache daemon) in Sun Solaris 9 and 10, and OpenSolaris before snv_78, allow local users to cause a denial of service (daemon crash) via vectors involving multiple serviceSearchDescriptor attributes and a call to the getldap_lookup function, and unspecified other vectors. Múltiples vulnerabilidades no especificadas en ldap_cachemgr (también conocido como demonio de la caché del configuración del cliente LDAP= en Sun Solaris V9 y V10 y OpenSolaris anteriores a snv_79, permite a a usuarios locales provocar una denegación de servicio (caída del demonio) a través de vectores que implican múltiples atributos serviceSearchDescriptor y una llamada a la función getldap_lookup y otros vectores no específicos. • http://osvdb.org/60514 http://secunia.com/advisories/37505 http://secunia.com/advisories/37506 http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-69-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-231402-1 http://www.securityfocus.com/bid/37129 http://www.securitytracker.com/id?1023239 http://www.vupen.com/english/advisories/2009/3336 •