CVE-2001-1076 – Solaris 2.6/2.6/7.0/8 whodo - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-1076
Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable. • https://www.exploit-db.com/exploits/20974 http://archives.neohapsis.com/archives/bugtraq/2001-07/0076.html http://www.securityfocus.com/bid/2935 https://exchange.xforce.ibmcloud.com/vulnerabilities/6802 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A34 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A47 •
CVE-2001-0422 – Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0422
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. • https://www.exploit-db.com/exploits/20743 http://archives.neohapsis.com/archives/bugtraq/2001-04/0158.html http://www.securityfocus.com/bid/2561 https://exchange.xforce.ibmcloud.com/vulnerabilities/6343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A555 •
CVE-2001-0401 – Solaris 2.5/2.6/7.0/8 tip - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0401
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. • https://www.exploit-db.com/exploits/20684 http://archives.neohapsis.com/archives/bugtraq/2001-03/0394.html http://www.securityfocus.com/bid/2475 https://exchange.xforce.ibmcloud.com/vulnerabilities/6284 •
CVE-2001-0426 – SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0426
Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable. • https://www.exploit-db.com/exploits/20766 http://archives.neohapsis.com/archives/bugtraq/2001-04/0203.html •
CVE-2001-0421 – Solaris 2.6 - FTP Core Dump Shadow Password Recovery
https://notcve.org/view.php?id=CVE-2001-0421
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. • https://www.exploit-db.com/exploits/20764 http://www.securityfocus.com/archive/1/177200 http://www.securityfocus.com/bid/2601 •