CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2009-2857
https://notcve.org/view.php?id=CVE-2009-2857
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. El kernel en Sun Solaris v8, v9, y v10, y OpenSolaris anteriores a snv_103, no maneja adecuadamente la interacción entre el sistema de ficheros y las implementaciones de memoria virtual, lo que permite a usuarios locales producir una denegación de servicio (bloqueo mutuo ,-deadlock- y parada del sistema) a través de vectores que incluyen operación de nmap y escritura en el mismo fichero. • http://secunia.com/advisories/36319 http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-257848-1 http://www.vupen.com/english/advisories/2009/2291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6152 • CWE-667: Improper Locking •
CVSS: 4.7EPSS: 0%CPEs: 224EXPL: 0CVE-2009-2596
https://notcve.org/view.php?id=CVE-2009-2596
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. Vulnerabilidad sin especificar en el subsistema Solaris Auditing en Sun Solaris v9 y v10 y OpenSolaris anteriores a snv_121, cuando los atributos extendidos de ficheros son utilizados, permite a usuarios locales producir una denegación de servicio (panic) a través de vectores relacionados con los miembros estructurales fad_autpath. • http://secunia.com/advisories/35980 http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-39-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264428-1 http://www.securityfocus.com/bid/35787 •
CVSS: 10.0EPSS: 1%CPEs: 228EXPL: 0CVE-2009-2296
https://notcve.org/view.php?id=CVE-2009-2296
The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. El módulo NFSv4 server kernel en Sun Solaris 10, y OpenSolaris anteriores a snv_119, no implemente apropiadamente nfs_portmon, lo que permite a los atacantes remotos acceso a archivos compartidos, leído, creados y modificados arbitrariamente, a través de vectores no especificados. • http://osvdb.org/55519 http://secunia.com/advisories/35672 http://secunia.com/advisories/42550 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139991-03-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-262668-1 http://www.securityfocus.com/bid/35546 http://www.securitytracker.com/id?1022492 http://www.vupen.com/english/advisories/2009/1747 https://exchange.xforce.ibmcloud.com/vulnerabilities/51450 https://support.avaya.com/css/P8/documents/100058487 •
CVSS: 4.9EPSS: 0%CPEs: 216EXPL: 0CVE-2009-2135
https://notcve.org/view.php?id=CVE-2009-2135
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. Múltiples condiciones de carrera en el Solaris Event Port API en Sun Solaris v10 y OpenSolaris versiones anteriores a snv_107 permite a usuarios locales provocar una denegación de servicio (panic) mediante vectore no especificados relacionados con una carrera entre las funciones "port_dissociate" y "close". • http://osvdb.org/55231 http://osvdb.org/55232 http://secunia.com/advisories/35279 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141414-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-260449-1 http://support.avaya.com/elmodocs2/security/ASA-2009-246.htm http://www.securityfocus.com/bid/35437 http://www.securitytracker.com/id?1022422 http://www.vupen.com/english/advisories/2009/1634 https://exchange.xforce.ibmcloud.com/vulnerabilities/51284 https:&# • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 1%CPEs: 210EXPL: 1CVE-2009-2029
https://notcve.org/view.php?id=CVE-2009-2029
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. Vulnerabilidad sin especificar en rpc.nisd en Sun Solaris v8 a la v10, y OpenSolaris anterior snv_104, permite a usuarios autenticados remotamente provocar una denegación e servicio( caída de demonio NIS+) a través de vectores no especificados relacionados con las llamadas de NIS+ ñ. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-67-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256748-1 http://www.securityfocus.com/bid/35276 http://www.vupen.com/english/advisories/2009/1566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6331 •