CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2002-0089
https://notcve.org/view.php?id=CVE-2002-0089
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. Desbordamiento de buffer en admintools en Solarios 2.5 a 8 permite a usuarios locales ganar privilegios de root mediante argumentos largos ala opción de línea de comandos -del argumento PRODVERS en el fichero .cdtoc. • http://online.securityfocus.com/archive/1/270122 http://www.esecurityonline.com/advisories/eSO2397.asp http://www.iss.net/security_center/static/8954.php http://www.iss.net/security_center/static/8955.php http://www.securityfocus.com/bid/4624 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A67 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A68 •
CVSS: 2.1EPSS: 0%CPEs: 16EXPL: 0CVE-2001-1503
https://notcve.org/view.php?id=CVE-2001-1503
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host. • http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0016.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-27116-1 http://www.securityfocus.com/bid/3457 https://exchange.xforce.ibmcloud.com/vulnerabilities/7334 •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 1CVE-2001-1555
https://notcve.org/view.php?id=CVE-2001-1555
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. • http://securitytracker.com/id?1002732 http://securitytracker.com/id?1004035 http://sunsolve.sun.com/search/document.do?assetkey=1-26-43929-1 http://www.securityfocus.com/bid/3522 •
CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 5CVE-2001-1583 – Solaris 10 LPD - Arbitrary File Delete
https://notcve.org/view.php?id=CVE-2001-1583
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. • https://www.exploit-db.com/exploits/1167 https://www.exploit-db.com/exploits/9921 https://www.exploit-db.com/exploits/16322 https://www.exploit-db.com/exploits/21097 http://marc.info/?l=bugtraq&m=99929694701826&w=2 http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-08/0490.html http://www.osvdb.org/15131 http://www.securityfocus.com/bid/3274 https://exchange.xforce.ibmcloud.co • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 4CVE-2001-1582 – Solaris 8 libsldap - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-1582
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. • https://www.exploit-db.com/exploits/20970 https://www.exploit-db.com/exploits/20969 http://seclists.org/bugtraq/2001/Jul/0077.html http://seclists.org/bugtraq/2001/Jul/0091.html http://seclists.org/bugtraq/2001/Jun/0365.html http://www.securiteam.com/unixfocus/5IP0O2A4KS.html http://www.securityfocus.com/bid/2931 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •