CVSS: 9.3EPSS: 35%CPEs: 23EXPL: 1CVE-2008-0964 – Sun Solaris 10 - snoop(1M) Utility Remote Command Execution
https://notcve.org/view.php?id=CVE-2008-0964
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. Múltiples desbordamientos de búfer en la región stack de la memoria en Snoop en Sun Solaris versión 8 hasta 10 y OpenSolaris anterior a la versión snv_96, cuando se omite la opción -o, permiten a los atacantes remotos ejecutar código arbitrario por medio de un paquete SMB creado. • https://www.exploit-db.com/exploits/6328 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=734 http://secunia.com/advisories/31386 http://secunia.com/advisories/31535 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1 http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935 http://www.securityfocus.com/bid/30556 http://www.securitytracker.com/id?1020633 http://www.vupen.com&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 15%CPEs: 23EXPL: 0CVE-2008-0965
https://notcve.org/view.php?id=CVE-2008-0965
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. Múltiples vulnerabilidades de cadena de formato en snoop sobre Sun Solaris versión 8 hasta 10 y OpenSolaris anterior a la versión snv_96, cuando se omite la opción -o, permiten a los atacantes remotos ejecutar código arbitrario por medio de especificadores de cadena de formato en un paquete SMB. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=735 http://secunia.com/advisories/31386 http://secunia.com/advisories/31535 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1 http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935 http://www.securityfocus.com/bid/30556 http://www.securitytracker.com/id?1020633 http://www.vupen.com/english/advisories/2008/2311 https://exchang • CWE-134: Use of Externally-Controlled Format String •
CVSS: 4.7EPSS: 0%CPEs: 24EXPL: 0CVE-2008-3549
https://notcve.org/view.php?id=CVE-2008-3549
Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors. Vulnerabilidad no especificada en la API pthread_mutex_reltimedlock_np de Sun Solaris 10 y OpenSolaris versiones anteriores a la snv_90, permite a usuarios locales provocar una denegación de servicio (cuelgue del sistema o panic) a través de vectores desconocidos. • http://secunia.com/advisories/31348 http://sunsolve.sun.com/search/document.do?assetkey=1-66-239387-1 http://www.securityfocus.com/bid/30561 http://www.securitytracker.com/id?1020634 http://www.vupen.com/english/advisories/2008/2312 https://exchange.xforce.ibmcloud.com/vulnerabilities/44224 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5446 • CWE-399: Resource Management Errors •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 0CVE-2008-3426
https://notcve.org/view.php?id=CVE-2008-3426
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru. Vulnerabilidad no especificada del demonio Solaris Platform Information and Control Library daemon (picld) en Sun Solaris versión 8 hasta la 10, y OpenSolaris builds versión snv_01 hasta la snv_95, permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos que impiden operaciones con utilidades como prtdiag, prtpicl, y prtfru. • http://secunia.com/advisories/31303 http://secunia.com/advisories/31501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239728-1 http://support.avaya.com/elmodocs2/security/ASA-2008-351.htm http://www.securityfocus.com/bid/30450 http://www.securitytracker.com/id?1020609 http://www.vupen.com/english/advisories/2008/2262/references https://exchange.xforce.ibmcloud.com/vulnerabilities/44117 •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2008-2708
https://notcve.org/view.php?id=CVE-2008-2708
Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files. Vulnerabilidad no especificada en los módulos de Sun (1) UltraSPARC T2 y (2) UltraSPARC T2+ kernel de Sun Solaris 10 y OpenSolaris anterior a snv_93, permite a usuarios locales provocar una denegación de servicio (panic) mediante vectores no especificados, probablemente relacionados con archivos del núcleo. • http://secunia.com/advisories/30654 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238688-1 http://www.securityfocus.com/bid/29678 http://www.securitytracker.com/id?1020275 http://www.vupen.com/english/advisories/2008/1805 https://exchange.xforce.ibmcloud.com/vulnerabilities/43003 •