Page 20 of 391 results (0.005 seconds)

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 5

The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. • https://www.exploit-db.com/exploits/1073 https://www.exploit-db.com/exploits/1074 http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034730.html http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034731.html http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034738.html http://secunia.com/advisories/15841 http://securitytracker.com/id?1014537 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101794-1 http://www.opensolaris.org/jive/thread • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0

Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. • http://secunia.com/advisories/15723 http://securitytracker.com/id?1014218 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101768-1 http://www.securityfocus.com/bid/13968 •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57780-1 http://www.vupen.com/english/advisories/2005/0492 •

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0

Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57786-1 http://www.vupen.com/english/advisories/2005/0517 •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. • http://secunia.com/advisories/14971 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57734-1 http://www.osvdb.org/15516 •