CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 3CVE-1999-1191 – Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer
https://notcve.org/view.php?id=CVE-1999-1191
19 May 1997 — Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. • https://www.exploit-db.com/exploits/332 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2CVE-1999-1402 – FreeBSD 3.1 / Solaris 2.6 - Domain Socket
https://notcve.org/view.php?id=CVE-1999-1402
17 May 1997 — The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. • https://www.exploit-db.com/exploits/19346 •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-1999-0165
https://notcve.org/view.php?id=CVE-1999-0165
01 Mar 1997 — NFS cache poisoning. • https://www.cve.org/CVERecord?id=CVE-1999-0165 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-1999-0217
https://notcve.org/view.php?id=CVE-1999-0217
01 Jan 1997 — Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0217 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-1999-0078
https://notcve.org/view.php?id=CVE-1999-0078
18 Apr 1996 — pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0078 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-1999-1388
https://notcve.org/view.php?id=CVE-1999-1388
13 May 1994 — passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument. • http://www.dataguard.no/bugtraq/1994_4/0755.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-1999-0120
https://notcve.org/view.php?id=CVE-1999-0120
21 Mar 1994 — Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/126 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-1999-1137
https://notcve.org/view.php?id=CVE-1999-1137
01 Oct 1993 — The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-1999-1318
https://notcve.org/view.php?id=CVE-1999-1318
17 Sep 1993 — /usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100630&zone_32=112193%2A%20 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-1999-1507
https://notcve.org/view.php?id=CVE-1999-1507
03 Feb 1993 — Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. • http://www.cert.org/advisories/CA-1993-03.html •