CVSS: 5.5EPSS: 0%CPEs: 224EXPL: 0CVE-2009-2596
https://notcve.org/view.php?id=CVE-2009-2596
27 Jul 2009 — Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. Vulnerabilidad sin especificar en el subsistema Solaris Auditing en Sun Solaris v9 y v10 y OpenSolaris anteriores a snv_121, cuando los atributos extendidos de ficheros son utilizados, permite a usuarios locales producir una denegación de servicio... • http://secunia.com/advisories/35980 •
CVSS: 10.0EPSS: 4%CPEs: 228EXPL: 0CVE-2009-2296
https://notcve.org/view.php?id=CVE-2009-2296
02 Jul 2009 — The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. El módulo NFSv4 server kernel en Sun Solaris 10, y OpenSolaris anteriores a snv_119, no implemente apropiadamente nfs_portmon, lo que permite a los atacantes remotos acceso a archivos compartidos, leído, creados y modificados arbitrariamente, a través de vec... • http://osvdb.org/55519 •
CVSS: 4.9EPSS: 0%CPEs: 216EXPL: 0CVE-2009-2135
https://notcve.org/view.php?id=CVE-2009-2135
19 Jun 2009 — Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. Múltiples condiciones de carrera en el Solaris Event Port API en Sun Solaris v10 y OpenSolaris versiones anteriores a snv_107 permite a usuarios locales provocar una denegación de servicio (panic) mediante vectore no especificados relacionados con una carrera en... • http://osvdb.org/55231 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 210EXPL: 1CVE-2009-2029
https://notcve.org/view.php?id=CVE-2009-2029
11 Jun 2009 — Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. Vulnerabilidad sin especificar en rpc.nisd en Sun Solaris v8 a la v10, y OpenSolaris anterior snv_104, permite a usuarios autenticados remotamente provocar una denegación e servicio( caída de demonio NIS+) a través de vectores no especificados relacionados con las llamadas de NIS... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-67-1 •
CVSS: 5.5EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1933
https://notcve.org/view.php?id=CVE-2009-1933
05 Jun 2009 — Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. Kerberos in Sun Solaris 8, 9, y 10, y OpenSolaris anterior a snv_117, no administra adecuadamente las credenciales de caché, lo que permite a usuarios locales acceder a puntos de montaje "Kerberized NFS" y recursos compartidos "Kerberized NFS" a través de vectores no especificados. • http://secunia.com/advisories/35341 • CWE-255: Credentials Management Errors •
CVSS: 4.6EPSS: 0%CPEs: 226EXPL: 0CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
09 Apr 2009 — XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ven... • http://securitytracker.com/id?1022009 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 218EXPL: 0CVE-2009-0913
https://notcve.org/view.php?id=CVE-2009-0913
16 Mar 2009 — Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. Vulnerabilidad no especificada en el módulo keysock del kernel en Solaris v10 y OpenSolaris versiones vsnv_01 hasta vsnv_108 permite a usuarios locales provocar una denegación de servicio (error irrecuperable del sistema) mediante vectores desc... • http://osvdb.org/52678 •
CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0874
https://notcve.org/view.php?id=CVE-2009-0874
12 Mar 2009 — Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Vulnerabilidades múltiples no especificadas en el subsistema Doors en el kernel en Sun Solaris v8 ha... • http://secunia.com/advisories/34227 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0875
https://notcve.org/view.php?id=CVE-2009-0875
12 Mar 2009 — Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. Condición de carrera en el subsistema Doors en el kernel en Sun Solaris v8 hasta v10, y OpenSolaris anterior a snv_94, permite a los usuarios locales causar una denegació... • http://osvdb.org/52561 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 221EXPL: 1CVE-2009-0872
https://notcve.org/view.php?id=CVE-2009-0872
11 Mar 2009 — The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. El servidor NFS en Sun Solaris 10 y Opensolaris anterios a svn_111, no implementa adecuadamente el modo de seguridad AUTH_NONE (también conocido como sec=none)... • http://osvdb.org/52559 • CWE-264: Permissions, Privileges, and Access Controls •