CVSS: 7.8EPSS: 0%CPEs: 122EXPL: 0CVE-2009-2430
https://notcve.org/view.php?id=CVE-2009-2430
10 Jul 2009 — Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors. Vulnerabilidad no especificadar en auditconfig en Sun Solaris v8, v9, v10 y OpenSolaris snv_01 hasta snv_58, cuando auditoría de Solaris está activada, permite a los usuarios locales con un perfil de ejecución RBAC para auditconfig obtener privilegios a través... • http://secunia.com/advisories/35580 •
CVSS: 6.3EPSS: 0%CPEs: 7EXPL: 0CVE-2009-2314
https://notcve.org/view.php?id=CVE-2009-2314
05 Jul 2009 — Race condition in the Sun Lightweight Availability Collection Tool 3.0 on Solaris 7 through 10 allows local users to overwrite arbitrary files via unspecified vectors. Condición de carrera en la Sun Lightweight Availability Collection Tool v3.0 de Solaris 7 hasta 10 , permite a usuarios locales sobrescribir ficheros de su elección a través de vectores no especificados. • http://osvdb.org/55559 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 210EXPL: 1CVE-2009-2029
https://notcve.org/view.php?id=CVE-2009-2029
11 Jun 2009 — Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. Vulnerabilidad sin especificar en rpc.nisd en Sun Solaris v8 a la v10, y OpenSolaris anterior snv_104, permite a usuarios autenticados remotamente provocar una denegación e servicio( caída de demonio NIS+) a través de vectores no especificados relacionados con las llamadas de NIS... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-67-1 •
CVSS: 5.5EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1933
https://notcve.org/view.php?id=CVE-2009-1933
05 Jun 2009 — Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. Kerberos in Sun Solaris 8, 9, y 10, y OpenSolaris anterior a snv_117, no administra adecuadamente las credenciales de caché, lo que permite a usuarios locales acceder a puntos de montaje "Kerberized NFS" y recursos compartidos "Kerberized NFS" a través de vectores no especificados. • http://secunia.com/advisories/35341 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 33%CPEs: 4EXPL: 0CVE-2008-3869
https://notcve.org/view.php?id=CVE-2008-3869
26 May 2009 — Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters. Desbordamiento de búfer basado en entero en sadmind en Sun Solaris v8 y v9 permite a atacantes remotos ejecutar código de forma arbitraria a través de unas peticiones RPC manipuladas, relacionado con la decodificación inadecuada de parámetros "request". • http://secunia.com/advisories/32473 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 27%CPEs: 4EXPL: 0CVE-2008-3870
https://notcve.org/view.php?id=CVE-2008-3870
26 May 2009 — Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation. Desbordamiento de entero en sadmind en Sun Solaris v8 y v9 permite a atacantes remotos ejecutar código de forma arbitraria a través de una petición RPC manipulada que inicia un desbordamiento de búfer basado en montículo, relacionado con una localización de memoria no adecuada. • http://secunia.com/advisories/32473 • CWE-189: Numeric Errors •
CVSS: 4.6EPSS: 0%CPEs: 226EXPL: 0CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
09 Apr 2009 — XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ven... • http://securitytracker.com/id?1022009 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1207
https://notcve.org/view.php?id=CVE-2009-1207
01 Apr 2009 — Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. Condición Race en la secuencia de comandos en Sun Solaris v8 hasta v10, y OpenSolaris snv_01 hasta snv_111, permite a los usuario locales sobrescribir arbitrariamente archivos, probablemente involucra un ataque de enlace simbólico en archivos temporales. • http://secunia.com/advisories/34558 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0874
https://notcve.org/view.php?id=CVE-2009-0874
12 Mar 2009 — Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Vulnerabilidades múltiples no especificadas en el subsistema Doors en el kernel en Sun Solaris v8 ha... • http://secunia.com/advisories/34227 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0875
https://notcve.org/view.php?id=CVE-2009-0875
12 Mar 2009 — Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. Condición de carrera en el subsistema Doors en el kernel en Sun Solaris v8 hasta v10, y OpenSolaris anterior a snv_94, permite a los usuarios locales causar una denegació... • http://osvdb.org/52561 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •