CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2008-0718
https://notcve.org/view.php?id=CVE-2008-0718
Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors. Vulnerabilidad sin especificar en el USB Mouse STREAMS module (usbms)en Sun Solaris 9 y 10, cuando el modo 64-bits está activado, permite a usuarios locales provocar una denegación de servicio (error irrecuperable del sistema) mediante vectores sin identificar. • http://secunia.com/advisories/28921 http://sunsolve.sun.com/search/document.do?assetkey=1-26-201316-1 http://www.securityfocus.com/bid/27773 http://www.vupen.com/english/advisories/2008/0451 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5474 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 3%CPEs: 9EXPL: 0CVE-2008-0212
https://notcve.org/view.php?id=CVE-2008-0212
ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. ovtopmd en HP OpenView Network Node Manager (OV NNM) versiones 6.41, 7.01 y 7.51, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de una petición TCP diseñada que desencadena un acceso de memoria fuera de límites. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=652 http://secunia.com/advisories/28798 http://www.securityfocus.com/archive/1/487586/100/0/threaded http://www.securityfocus.com/bid/27629 http://www.securitytracker.com/id?1019306 http://www.vupen.com/english/advisories/2008/0424 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 30%CPEs: 3EXPL: 0CVE-2008-0006 – Xorg / XFree86 PCF font parser buffer overflow
https://notcve.org/view.php?id=CVE-2008-0006
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCF_BDF_ENCODINGS table. Un desbordamiento del búfer en (1) X.Org Xserver versiones anteriores a 1.4.1, y (2) las bibliotecas libfont y libXfont en algunas plataformas, incluyendo Sun Solaris, permite a atacantes dependiendo del contexto ejecutar código arbitrario por medio de una fuente PCF con una diferencia considerable entre los últimos y primeros valores col en la tabla PCF_BDF_ENCODINGS. • http://bugs.gentoo.org/show_bug.cgi?id=204362 http://docs.info.apple.com/article.html?artnum=307562 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321 http://jvn.jp/en/jp/JVN88935101/index.html http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001043.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.freedesktop.org/archives/xorg/2008-January/031918.html http://lists.opensuse.org/opensuse-security-announce/2008-01&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0242
https://notcve.org/view.php?id=CVE-2008-0242
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions. Vulnerabilidad no especificada en libdevinfo de Sun Solaris 10, permite que usuario locales puedan acceder a ficheros y que obtengan privilegios, usando vectores desconocidos, relacionados con los permisos del dispositivo de login. • http://secunia.com/advisories/28493 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103165-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200641-1 http://www.securityfocus.com/bid/27253 http://www.securitytracker.com/id?1019187 http://www.vupen.com/english/advisories/2008/0131 https://exchange.xforce.ibmcloud.com/vulnerabilities/39629 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5211 •
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-6505
https://notcve.org/view.php?id=CVE-2007-6505
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities. Solaris 9, con Solaris Auditing habilitado y ciertos parches sshd instalados, pueden generar registros de auditoría con un con una auditoría - ID de 0 incluso cuando el usuario acceda a al ssh sin ser root, lo cual hace más fácil para atacantes evitar detecciones y poder hacerlo más dificil llevar a cabo actividades forenses. • http://osvdb.org/44332 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103172-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201310-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/39185 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5282 • CWE-16: Configuration •