CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 4CVE-2010-1183 – Solaris Recommended Patch Cluster 6/19 (x86) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-1183
29 Mar 2010 — Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager. Algunos scripts de instalación de parches de Oracle Solaris permiten a los usuarios locales añadir datos a ficheros de su elección a través de un ataque symlink (de enlace simbólico) al fichero temporal /tmp/CLEANUP. Información relacionada con el "Update Manager" (gestor de actualizaciones). Solaris Recommended Pa... • https://packetstorm.news/files/id/122306 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 20%CPEs: 6EXPL: 0CVE-2010-0444
https://notcve.org/view.php?id=CVE-2010-0444
09 Feb 2010 — HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote attackers to execute arbitrary code via unspecified vectors. HP Operations Agent v8.51, v8.52, v8.53, y v8.60 en Solaris v10 utiliza una contraseña en blanco en la cuenta opc_op, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=126566258722040&w=2 • CWE-255: Credentials Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 66EXPL: 1CVE-2010-0453 – Solaris/Open Solaris UCODE_GET_VERSION IOCTL - Denial of Service
https://notcve.org/view.php?id=CVE-2010-0453
03 Feb 2010 — The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision. La función ucode_ioctl en intel/io/ucode_drv.c en Sun Solaris v10 y OpenSolaris desde snv_69 hasta snv_133, cuando es ejecutado... • https://www.exploit-db.com/exploits/11351 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2003-1575
https://notcve.org/view.php?id=CVE-2003-1575
28 Jan 2010 — VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem. VERITAS File System (VxFS) v3.3.3, v3.4, y v3.5 anterior a MP1 Rolling Patch 02 para Sun Solaris v2.5.1 a la v9, no implementa adecuadamente la herencia de las ACLs por... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-113207-05-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 7%CPEs: 4EXPL: 0CVE-2003-1576
https://notcve.org/view.php?id=CVE-2003-1576
28 Jan 2010 — Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on Solaris 8 and 9 on the sparc platform allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en pamverifier en Change Manager (CM) v1.0 para Sun Management Center (SunMC) v3.0 en Solaris v8 y v9 en la plataforma sparc permite a atacantes remotos ejecutar código arbitrario a través de vectores inespecíficos. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-113105-01-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2004-2765
https://notcve.org/view.php?id=CVE-2004-2765
28 Jan 2010 — Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Webmail en Sun ONE Messaging Server v6.1 e iPlanet Messaging Server v5.2 anterior a 5.2hf2.02, cuando se u... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-116568-56-1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2004-2766
https://notcve.org/view.php?id=CVE-2004-2766
28 Jan 2010 — Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified "access" to e-mail via a crafted e-mail message, related to a "session hijacking" issue, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. Webmail en Sun ONE Messaging Server v6.1 y iPlanet Messaging Server v5.2 anteriores a v5.2hf2.02 permite a atacantes remotos obtener "acceso" inespecífico al correo electrónico a través de un mensaje de correo electrónico m... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-116568-55-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0310
https://notcve.org/view.php?id=CVE-2010-0310
14 Jan 2010 — Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates. Trusted Extensions en Sun Solaris 10, permite a usuarios locales obtener privilegios a través de vectores relacionados con la omisión de ciertas bibliotecas desde las actualizaciones de software. • http://secunia.com/advisories/38129 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 63%CPEs: 11EXPL: 3CVE-2009-4502 – Zabbix Agent - 'net.tcp.listen' Command Injection
https://notcve.org/view.php?id=CVE-2009-4502
31 Dec 2009 — The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses. La función NET_TCP_LISTEN en net.c en Zabbix Agent versiones anteriores a v1.6.7, cuando se ejecuta en FreeBSD o Solaris, permite a atacantes remotos eludir la asignación de EnableRemo... • https://www.exploit-db.com/exploits/16918 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-4314
https://notcve.org/view.php?id=CVE-2009-4314
14 Dec 2009 — Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking (AMGH) is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device. Sun Ray Server Software v4.1 en Solaris v10, cuando esta activado el Multi-Group Hotdesking (AMGH) esta activo, responde a una acción de salida de sesión mediante el logueo del usuario de forma inmediata, lo que hace ... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1 • CWE-264: Permissions, Privileges, and Access Controls •