CVE-2008-3426
https://notcve.org/view.php?id=CVE-2008-3426
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru. Vulnerabilidad no especificada del demonio Solaris Platform Information and Control Library daemon (picld) en Sun Solaris versión 8 hasta la 10, y OpenSolaris builds versión snv_01 hasta la snv_95, permite a usuarios locales provocar una denegación de servicio a través de vectores desconocidos que impiden operaciones con utilidades como prtdiag, prtpicl, y prtfru. • http://secunia.com/advisories/31303 http://secunia.com/advisories/31501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239728-1 http://support.avaya.com/elmodocs2/security/ASA-2008-351.htm http://www.securityfocus.com/bid/30450 http://www.securitytracker.com/id?1020609 http://www.vupen.com/english/advisories/2008/2262/references https://exchange.xforce.ibmcloud.com/vulnerabilities/44117 •
CVE-2008-2946
https://notcve.org/view.php?id=CVE-2008-2946
The SNMP-DMI mapper subagent daemon (aka snmpXdmid) in Solstice Enterprise Agents in Sun Solaris 8 through 10 allows remote attackers to cause a denial of service (daemon crash) via malformed packets. Subagente mapeador SNMP-DNI (aka snmpXdmid) en Solstice Enterprise Agents en Sun Solaris 8 hasta 10 permite a atacantes remotos causar la denegación e servicios (caída del demonio) a través de paquetes malformados • http://secunia.com/advisories/30863 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237985-1 http://www.securityfocus.com/bid/29965 http://www.securitytracker.com/id?1020381 http://www.vupen.com/english/advisories/2008/1965/references • CWE-399: Resource Management Errors •
CVE-2008-2710
https://notcve.org/view.php?id=CVE-2008-2710
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison. Error de presencia de signo entero en la función ip_set_srcfilter en el IP Multicast Filter en uts/common/inet/ip/ip_multi.c en el kernel de Sun Solaris 10 y OpenSolaris anterior a snv_92, permite a usuarios locales ejecutar código de su elección en otras "Solaris Zones" a través de una petición SIOCSIPMSFILTER IOCTL con un valor largo del campo imsf->imsf_numsrc, que dispara una escritura de memoria del kernel fuera de rango. NOTA: esto ha sido reportado como un desbordamiento de entero, pero el origen del problema implica una comparación de signo que no se realiza. • http://secunia.com/advisories/30693 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237965-1 http://www.securityfocus.com/bid/29699 http://www.securitytracker.com/id?1020283 http://www.trapkit.de/advisories/TKADV2008-003.txt http://www.vupen.com/english/advisories/2008/1832/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43068 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5731 • CWE-189: Numeric Errors •
CVE-2008-1095
https://notcve.org/view.php?id=CVE-2008-1095
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly. La vulnerabilidad no especificada en la implementación del Protocolo de Internet (IP) en Sun Solaris versiones 8, 9 y 10 permite a los atacantes remotos omitir las políticas de firewall previstas o causar una denegación de servicio (pánico) por medio de vectores desconocidos, posiblemente relacionados con los paquetes ICMP y el reensamblaje de fragmentos IP. • http://secunia.com/advisories/29100 http://secunia.com/advisories/29379 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200183-1 http://support.avaya.com/elmodocs2/security/ASA-2008-119.htm http://www.securityfocus.com/bid/27967 http://www.vupen.com/english/advisories/2008/0645 https://exchange.xforce.ibmcloud.com/vulnerabilities/40473 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5511 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-6482
https://notcve.org/view.php?id=CVE-2007-6482
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Vulnerabilidad no especificada en el demonio Device Manager (utdevmgrd) en Sun Ray Server Software 2.0, 3.0, 3.1, y 3.1.1 permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de vectores no especificados. • http://osvdb.org/40846 http://secunia.com/advisories/28148 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103175-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201227-1 http://www.securityfocus.com/bid/26944 http://www.securitytracker.com/id?1019118 http://www.vupen.com/english/advisories/2007/4269 https://exchange.xforce.ibmcloud.com/vulnerabilities/39133 •