CVSS: 6.8EPSS: 1%CPEs: 6EXPL: 0CVE-2008-1095
https://notcve.org/view.php?id=CVE-2008-1095
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly. La vulnerabilidad no especificada en la implementación del Protocolo de Internet (IP) en Sun Solaris versiones 8, 9 y 10 permite a los atacantes remotos omitir las políticas de firewall previstas o causar una denegación de servicio (pánico) por medio de vectores desconocidos, posiblemente relacionados con los paquetes ICMP y el reensamblaje de fragmentos IP. • http://secunia.com/advisories/29100 http://secunia.com/advisories/29379 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200183-1 http://support.avaya.com/elmodocs2/security/ASA-2008-119.htm http://www.securityfocus.com/bid/27967 http://www.vupen.com/english/advisories/2008/0645 https://exchange.xforce.ibmcloud.com/vulnerabilities/40473 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5511 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 1CVE-2008-0933
https://notcve.org/view.php?id=CVE-2008-0933
Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore. Múltiples condiciones de carrera en el subsistema CPU Performance Counters (cpc) del núcleo de Sun Solaris 10 permiten a usuarios locales provocar una denegación de servicio (kernel panic) a través de vectores no especificados relacionados con kcpc_unbind y kcpc_restore. • http://secunia.com/advisories/29052 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231466-1 http://www.securityfocus.com/bid/27941 http://www.securitytracker.com/id?1019490 http://www.vupen.com/english/advisories/2008/0642 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5476 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0938
https://notcve.org/view.php?id=CVE-2008-0938
Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126. Vulnerabilidad no especificada en el marco de trabajo de traza dinámica (DTrace) de Sun Solaris 10 permite a usuarios locales con privilegios PRIV_DTRACE_USER o PRIV_DTRACE_PROC obtener información sensible del núcleo a través de vectores no especificados, una vulnerabilidad distinta a CVE-2007-4126. • http://secunia.com/advisories/29037 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231803-1 http://www.securityfocus.com/bid/27942 http://www.securitytracker.com/id?1019483 http://www.vupen.com/english/advisories/2008/0640 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5451 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0836
https://notcve.org/view.php?id=CVE-2008-0836
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. Vulnerabilidad no especificada en los módulos vuidmice STREAMS de Sun Solaris 9 y 10 en arquitecturas x86 permite a usuarios locales provocar una denegación de servicio (error irrecuperable del sistema) a través de vectores no especificados que inducen una referencia a un puntero nulo en el módulo vuid3ps2, este es un problema diferente de CVE-2007-5319. • http://secunia.com/advisories/28990 http://sunsolve.sun.com/search/document.do?assetkey=1-26-200635-1 http://www.securitytracker.com/id?1019429 http://www.vupen.com/english/advisories/2008/0582 •
CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 0CVE-2008-0730
https://notcve.org/view.php?id=CVE-2008-0730
The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read from, the home directories of other users. Los métodos de entrada de (1) Chino Simplicado, (2) Chino Tradicional , (3) Coreano y (4) Tailandés en Sun Solaris 10 crean archivos y directorios con permisos débiles bajo a) .iiim/le y (b) .Xlocale en los directorios home, que podrían permitir a usuarios locales escribir en, o leer de los directorios home de otros usuarios. • http://secunia.com/advisories/28931 http://sunsolve.sun.com/search/document.do?assetkey=1-26-201315-1 http://www.securityfocus.com/bid/27770 http://www.vupen.com/english/advisories/2008/0452 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5545 • CWE-264: Permissions, Privileges, and Access Controls •