CVE-2001-0421 – Solaris 2.6 - FTP Core Dump Shadow Password Recovery
https://notcve.org/view.php?id=CVE-2001-0421
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. • https://www.exploit-db.com/exploits/20764 http://www.securityfocus.com/archive/1/177200 http://www.securityfocus.com/bid/2601 •
CVE-2001-0190
https://notcve.org/view.php?id=CVE-2001-0190
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). • http://marc.info/?l=bugtraq&m=97983943716311&w=2 http://marc.info/?l=bugtraq&m=98028642319440&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/6224 •
CVE-1999-1102
https://notcve.org/view.php?id=CVE-1999-1102
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. • http://ciac.llnl.gov/ciac/bulletins/e-25.shtml http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm http://www.phreak.org/archives/security/8lgm/8lgm.lpr •
CVE-1999-1297
https://notcve.org/view.php?id=CVE-1999-1297
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100452&zone_32=10045%2A%20 https://exchange.xforce.ibmcloud.com/vulnerabilities/7482 •
CVE-1999-1192
https://notcve.org/view.php?id=CVE-1999-1192
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/143 http://www.iss.net/security_center/static/7444.php http://www.securityfocus.com/bid/206 •