Page 21 of 209 results (0.007 seconds)

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0

Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57786-1 http://www.vupen.com/english/advisories/2005/0517 •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. • http://securitytracker.com/id?1013462 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57710-1 http://www.securityfocus.com/bid/12838 https://exchange.xforce.ibmcloud.com/vulnerabilities/19729 •

CVSS: 5.6EPSS: 0%CPEs: 121EXPL: 0

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://securitytracker.com/id?1013967 http://sunsolve.sun.com/search/document.do? •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57706-1 http://www.idefense.com/application/poi/display?id=206&type=vulnerabilities •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts. • http://secunia.com/advisories/13803 http://securitytracker.com/id?1012860 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57717-1 http://www.ciac.org/ciac/bulletins/p-096.shtml http://www.securityfocus.com/bid/12260 https://exchange.xforce.ibmcloud.com/vulnerabilities/18868 •