CVSS: 5.5EPSS: 0%CPEs: 51EXPL: 0CVE-2009-0926
https://notcve.org/view.php?id=CVE-2009-0926
17 Mar 2009 — Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732. Vulnerabilidad no especificada en la funcionalidad del sistema de ficheros UFS en Sun OpenSolaris snv_86 through snv_91, cuando se ejecuta en modo 32-bit sobre sistemas x86, permite a usuarios locales provocar ... • http://secunia.com/advisories/34331 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 52EXPL: 0CVE-2009-0924
https://notcve.org/view.php?id=CVE-2009-0924
17 Mar 2009 — Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712. Vulnerabilidad no especificada en Sun OpenSolaris snv_39 hasta snv_45, cuando se ejecuta en modo 64-bit sobre arquitecturas x86, permite a usuarios locales provocar una denegación de servicio (cuelgue en la escritura ... • http://secunia.com/advisories/34331 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 218EXPL: 0CVE-2009-0913
https://notcve.org/view.php?id=CVE-2009-0913
16 Mar 2009 — Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. Vulnerabilidad no especificada en el módulo keysock del kernel en Solaris v10 y OpenSolaris versiones vsnv_01 hasta vsnv_108 permite a usuarios locales provocar una denegación de servicio (error irrecuperable del sistema) mediante vectores desc... • http://osvdb.org/52678 •
CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0874
https://notcve.org/view.php?id=CVE-2009-0874
12 Mar 2009 — Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Vulnerabilidades múltiples no especificadas en el subsistema Doors en el kernel en Sun Solaris v8 ha... • http://secunia.com/advisories/34227 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0875
https://notcve.org/view.php?id=CVE-2009-0875
12 Mar 2009 — Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. Condición de carrera en el subsistema Doors en el kernel en Sun Solaris v8 hasta v10, y OpenSolaris anterior a snv_94, permite a los usuarios locales causar una denegació... • http://osvdb.org/52561 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 1%CPEs: 182EXPL: 2CVE-2009-0873
https://notcve.org/view.php?id=CVE-2009-0873
11 Mar 2009 — The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." El demonio NFS (también conocido como nfsd) en Sun Solaris 10 y OpenSolaris snv_106, cuando NFSv3 es usado, no implementa adecuadamente las... • http://osvdb.org/52560 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 221EXPL: 1CVE-2009-0872
https://notcve.org/view.php?id=CVE-2009-0872
11 Mar 2009 — The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. El servidor NFS en Sun Solaris 10 y Opensolaris anterios a svn_111, no implementa adecuadamente el modo de seguridad AUTH_NONE (también conocido como sec=none)... • http://osvdb.org/52559 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 202EXPL: 0CVE-2009-0870
https://notcve.org/view.php?id=CVE-2009-0870
10 Mar 2009 — The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. El modulo del servidor NFSv4 en el kernel en Sun Solaris v10, y OpenSolaris anterior a snv_111, permite a usuarios locales producir una denegación de servicio (bucle infinito y colgado de sistema) mediante el acceso a un fichero de sistema h... • http://secunia.com/advisories/34193 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2009-0868
https://notcve.org/view.php?id=CVE-2009-0868
10 Mar 2009 — CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en la plantilla de WebLink en Jasmine2000 Enterprise Edition permite a atacantes remotos inyectar cabeceras HTTP de manera arbitraria y dirigir ataques de división de respuesta HTTP a través de vectores sin especificar. • http://secunia.com/advisories/33971 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2009-0857
https://notcve.org/view.php?id=CVE-2009-0857
09 Mar 2009 — Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en /prm/reports en Performance Reporting Module (PRM) para Sun Management Center (SunMC) v3.6.1 y v4.0, permite a atacantes remotos inye... • http://secunia.com/advisories/34146 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •