Page 4 of 28 results (0.005 seconds)

CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0

The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba http://www.ciac.org/ciac/bulletins/e-01.shtml http://www.osvdb.org/6436 https://exchange.xforce.ibmcloud.com/vulnerabilities/549 •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0

/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100630&zone_32=112193%2A%20 http://www.iss.net/security_center/static/7480.php •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116 http://www.cert.org/advisories/CA-1992-11.html https://exchange.xforce.ibmcloud.com/vulnerabilities/3152 •

CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 0

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. • http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html http://www.cert.org/advisories/CA-91.20.rdist.vulnerability http://www.iss.net/security_center/static/7160.php http://www.osvdb.org/8106 http://www.securityfocus.com/bid/31 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2

The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. • https://www.exploit-db.com/exploits/19043 https://www.exploit-db.com/exploits/19042 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/107&type=0&nav=sec.sba http://www.cert.org/advisories/CA-1991-07.html http://www.securityfocus.com/bid/21 http://www.securityfocus.com/bid/22 https://exchange.xforce.ibmcloud.com/vulnerabilities/582 •