CVSS: 4.6EPSS: 0%CPEs: 226EXPL: 0CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
09 Apr 2009 — XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ven... • http://securitytracker.com/id?1022009 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1207
https://notcve.org/view.php?id=CVE-2009-1207
01 Apr 2009 — Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. Condición Race en la secuencia de comandos en Sun Solaris v8 hasta v10, y OpenSolaris snv_01 hasta snv_111, permite a los usuario locales sobrescribir arbitrariamente archivos, probablemente involucra un ataque de enlace simbólico en archivos temporales. • http://secunia.com/advisories/34558 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 6%CPEs: 221EXPL: 0CVE-2009-0923
https://notcve.org/view.php?id=CVE-2009-0923
17 Mar 2009 — Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server. Vulnerabilidad sin especificar en Kerberos Incremental Propagation en Solaris 10 y OpenSolaris snv_01 hasta snv_110 permite a atacantes remotos provocar una denegación de servicio (perdida de peticion... • http://secunia.com/advisories/34298 •
CVSS: 5.5EPSS: 0%CPEs: 218EXPL: 0CVE-2009-0913
https://notcve.org/view.php?id=CVE-2009-0913
16 Mar 2009 — Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. Vulnerabilidad no especificada en el módulo keysock del kernel en Solaris v10 y OpenSolaris versiones vsnv_01 hasta vsnv_108 permite a usuarios locales provocar una denegación de servicio (error irrecuperable del sistema) mediante vectores desc... • http://osvdb.org/52678 •
CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0874
https://notcve.org/view.php?id=CVE-2009-0874
12 Mar 2009 — Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Vulnerabilidades múltiples no especificadas en el subsistema Doors en el kernel en Sun Solaris v8 ha... • http://secunia.com/advisories/34227 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0875
https://notcve.org/view.php?id=CVE-2009-0875
12 Mar 2009 — Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. Condición de carrera en el subsistema Doors en el kernel en Sun Solaris v8 hasta v10, y OpenSolaris anterior a snv_94, permite a los usuarios locales causar una denegació... • http://osvdb.org/52561 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 1%CPEs: 182EXPL: 2CVE-2009-0873
https://notcve.org/view.php?id=CVE-2009-0873
11 Mar 2009 — The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other." El demonio NFS (también conocido como nfsd) en Sun Solaris 10 y OpenSolaris snv_106, cuando NFSv3 es usado, no implementa adecuadamente las... • http://osvdb.org/52560 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 221EXPL: 1CVE-2009-0872
https://notcve.org/view.php?id=CVE-2009-0872
11 Mar 2009 — The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. El servidor NFS en Sun Solaris 10 y Opensolaris anterios a svn_111, no implementa adecuadamente el modo de seguridad AUTH_NONE (también conocido como sec=none)... • http://osvdb.org/52559 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 202EXPL: 0CVE-2009-0870
https://notcve.org/view.php?id=CVE-2009-0870
10 Mar 2009 — The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. El modulo del servidor NFSv4 en el kernel en Sun Solaris v10, y OpenSolaris anterior a snv_111, permite a usuarios locales producir una denegación de servicio (bucle infinito y colgado de sistema) mediante el acceso a un fichero de sistema h... • http://secunia.com/advisories/34193 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 40EXPL: 0CVE-2009-0838
https://notcve.org/view.php?id=CVE-2009-0838
06 Mar 2009 — The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. El controlador crypto pseudo en Sun Solaris v10, y OpenSolaris snv_88 hasta snv_102, no libera memoria adecuadamente, lo cual permite a usuarios locales provocar una denegación de servicio (pánico) a través de vectores no especificados, relacionado con la funci... • http://secunia.com/advisories/34149 • CWE-399: Resource Management Errors •