CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2007-1794
https://notcve.org/view.php?id=CVE-2007-1794
02 Apr 2007 — The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805. El motor de Javascript en Mozilla 1.7 y anteriores en Sun Solaris 8, 9, y 10 podría permitir a atacantes remotos ejecutar código de su elección a través de vectores que afectan al colector de basura que provoca el borr... • http://secunia.com/advisories/24624 •
CVSS: 5.9EPSS: 1%CPEs: 2EXPL: 0CVE-2006-7140
https://notcve.org/view.php?id=CVE-2006-7140
07 Mar 2007 — The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339. La biblioteca libike, tal y como se usa en in.iked, elfsign, y kcfd en Sun Solaris 9 y 10, cuando usan una clave RSA con... • http://secunia.com/advisories/23104 •
CVSS: 7.8EPSS: 27%CPEs: 3EXPL: 0CVE-2006-7028
https://notcve.org/view.php?id=CVE-2006-7028
23 Feb 2007 — Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it might be related to "jabber" and generation of a large amount of interrupts within the console, or a hardware error. Sistemas de una sola CPU Sun corriendo bajo Solaris 7, 8 o 9, como el Netra, permiten a atacantes remotos provocar una... • http://www.securityfocus.com/archive/1/434449/30/4890/threaded •
CVSS: 7.1EPSS: 4%CPEs: 1EXPL: 0CVE-2007-0914
https://notcve.org/view.php?id=CVE-2007-0914
14 Feb 2007 — Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. Condición de carrera en el subsistema TCP de Solaris 10 permite a atacantes remotos provocar una denegación de servicio (error irrecuperable del sistema) mediante vectores desconocidos. • http://osvdb.org/33194 •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2007-0895
https://notcve.org/view.php?id=CVE-2007-0895
13 Feb 2007 — Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435. Condición de carrera en el borrado de directorios recursivo con las opciones (1) -r o (2) -R... • http://secunia.com/advisories/24082 •
CVSS: 10.0EPSS: 83%CPEs: 4EXPL: 5CVE-2007-0882 – Solaris 10/11 Telnet - Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-0882
12 Feb 2007 — Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account. La vulnerabilidad de inyección argumentos en el demonio telnet (in.telnetd) en Solaris versiones 10 y 11 (SunOS versiones 5.10 y 5.11) interpreta erróneamente ciertas secuencias "-f" del cliente com... • https://www.exploit-db.com/exploits/9918 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0668
https://notcve.org/view.php?id=CVE-2007-0668
02 Feb 2007 — The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service. El sistema de ficheros de bucle invertido (Loopback Filesystem o LOFS) en Sun Solaris 10 permite a usuarios locales en una zona no global mover y renombrar archivos en un sistema de ficheros de sólo lectura, lo cual podría llevar a una denegación de servicio. • http://osvdb.org/31879 •
CVSS: 7.8EPSS: 36%CPEs: 1EXPL: 2CVE-2007-0634 – Sun Solaris 10 - ICMP Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-0634
31 Jan 2007 — Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets. Vulnerabilidad no especificada en Sun Solaris 10 versiones anteriores a 20070130 permite a atacantes remotos provocar una denegación de servicio (caída de sistema) mediante paquetes ICMP concretos. • https://www.exploit-db.com/exploits/29540 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-0503
https://notcve.org/view.php?id=CVE-2007-0503
25 Jan 2007 — Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en kcms_calibrate en Sun Solaris 8 y 9 anterior al 22/11/2007 permite a usuarios locales ejecutar comandos de su elección mediante vectores desconocidos. • http://osvdb.org/31598 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2007-0470
https://notcve.org/view.php?id=CVE-2007-0470
24 Jan 2007 — Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. Múltiples vulnerabilidades no especificadas en tip de Sun Solaris 8, 9, y 10 permite a usuarios locales obtener privilegios de cuentas uucp mediante vectores no especificados. • http://osvdb.org/31616 •