CVE-2007-0895
https://notcve.org/view.php?id=CVE-2007-0895
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435. Condición de carrera en el borrado de directorios recursivo con las opciones (1) -r o (2) -R en Solaris 8 hasta 10 anterior al 08/02/2007 permite a usuarios locales borrar ficheros y directorios como el usuario que está ejecutando rm moviéndose de directorio de bajo nivel a uno de mayor nivel mientras está siendo borrado, lo cual provoca que rm haga un chdir al directorio ".." que es de mayor nivel que lo esperado, posiblemente fuera del sistema de ficheros de root, un asunto relacionado con CVE-2002-0435. • http://secunia.com/advisories/24082 http://secunia.com/advisories/24405 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102782-1 http://support.avaya.com/elmodocs2/security/ASA-2007-102.htm http://www.osvdb.org/31880 http://www.vupen.com/english/advisories/2007/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/32399 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8272 •
CVE-2007-0503
https://notcve.org/view.php?id=CVE-2007-0503
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en kcms_calibrate en Sun Solaris 8 y 9 anterior al 22/11/2007 permite a usuarios locales ejecutar comandos de su elección mediante vectores desconocidos. • http://osvdb.org/31598 http://secunia.com/advisories/23885 http://securitytracker.com/id?1017541 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102728-1 http://support.avaya.com/elmodocs2/security/ASA-2007-040.htm http://www.securityfocus.com/bid/22175 http://www.vupen.com/english/advisories/2007/0287 https://exchange.xforce.ibmcloud.com/vulnerabilities/31668 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1495 •
CVE-2007-0470
https://notcve.org/view.php?id=CVE-2007-0470
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. Múltiples vulnerabilidades no especificadas en tip de Sun Solaris 8, 9, y 10 permite a usuarios locales obtener privilegios de cuentas uucp mediante vectores no especificados. • http://osvdb.org/31616 http://secunia.com/advisories/23821 http://securitytracker.com/id?1017546 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1 http://www.securityfocus.com/bid/22190 http://www.vupen.com/english/advisories/2007/0317 https://exchange.xforce.ibmcloud.com/vulnerabilities/31669 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038 •
CVE-2007-0165 – Sun Solaris 9 - RPC Request Denial of Service
https://notcve.org/view.php?id=CVE-2007-0165
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind. Vulnerabilidad no especificada en libnsl de Sun Solaris 8 y 9 permite a atacantes remotos provocar una denegación de servicio (caída) mediante peticiones RPC manipuladas que disparan una caída en rpcbind. • https://www.exploit-db.com/exploits/29406 http://osvdb.org/31576 http://secunia.com/advisories/23700 http://secunia.com/advisories/24056 http://securitytracker.com/id?1017492 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102713-1 http://support.avaya.com/elmodocs2/security/ASA-2007-036.htm http://www.securityfocus.com/bid/21964 http://www.vupen.com/english/advisories/2007/0110 https://exchange.xforce.ibmcloud.com/vulnerabilities/31366 https://oval.cisecurity.org •
CVE-2006-6494
https://notcve.org/view.php?id=CVE-2006-6494
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers. Vulnerabilidad de escalado de directorio en ld.so.1 del Sun Solaris 8, 9 y 10 permite a usuarios locales ejecutar código de su elección a través de la secuencia .. (punto punto) en la variable de entorno LANG que señala a un fichero local que contiene controles de ataque en un formato de cadena específico. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=449 http://secunia.com/advisories/23317 http://securitytracker.com/id?1017376 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102724-1 http://www.securityfocus.com/bid/21564 http://www.vupen.com/english/advisories/2006/4979 https://exchange.xforce.ibmcloud.com/vulnerabilities/30849 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2121 •