Page 45 of 564 results (0.046 seconds)

CVSS: 4.3EPSS: 2%CPEs: 3EXPL: 0

The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503. El demonio finger (in.fingerd) en Sun Solaris 7 hasta 9 permite a atacantes remotos listar todas las cuentas que tienen campos GECOS que no son estándar mediante una petición compuesta de un único dígito, como ha sido demostrado por un comando "finger 9@host", una vulnerabilidad diferente de CVE-2001-1503. • http://securityreason.com/securityalert/2996 http://www.securityfocus.com/archive/1/474858/100/100/threaded http://www.securityfocus.com/archive/1/474927/100/100/threaded •

CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0

rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225. rcp en Sun Solaris 8, 9, y 10 versiones anteriores a 20070710 no invoca apropiadamente aplicaciones de ayuda determinadas, lo cual permite a usuarios locales obtener privilegios al crear ficheros con determinados nombres, posiblemente conteniendo meta-caracteres de consola o espacios, un asunto similar a CVE-2006-0225. • http://osvdb.org/36611 http://secunia.com/advisories/26024 http://secunia.com/advisories/26210 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1 http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm http://www.vupen.com/english/advisories/2007/2494 https://exchange.xforce.ibmcloud.com/vulnerabilities/35334 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1772 •

CVSS: 7.8EPSS: 8%CPEs: 2EXPL: 0

Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions. Vulnerabilidad no especificada en el servidor NFS en Sun Solaris 10 versiones anteriores a 20070613 permite a atacantes remotos provocar una denegación de servicio (caída de sistema) mediante datos XDR determinados en peticiones NFS, probablemente relativos al procesamiento de datos por las funciones xdr_bool y xdrmblk_getint32. • http://osvdb.org/36592 http://secunia.com/advisories/25668 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102965-1 http://www.securityfocus.com/bid/24466 http://www.securitytracker.com/id?1018253 http://www.vupen.com/english/advisories/2007/2190 https://exchange.xforce.ibmcloud.com/vulnerabilities/34857 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1092 •

CVSS: 10.0EPSS: 19%CPEs: 6EXPL: 0

Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server. Vulnerabilidad no especificada en el mecanismo de acceso de usuario en Solaris Management Console (SMC) en Sun Solaris 8 hasta 10 versiones anteriores a 20070605 permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados, referidos al servidor WBEM. • http://osvdb.org/36590 http://secunia.com/advisories/25566 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102903-1 http://www.securityfocus.com/bid/24327 http://www.securitytracker.com/id?1018206 http://www.vupen.com/english/advisories/2007/2077 https://exchange.xforce.ibmcloud.com/vulnerabilities/34734 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1680 •

CVSS: 9.0EPSS: 2%CPEs: 6EXPL: 0

Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server. Vulnerabilidad no especificada en en el mecanismo de autenticación de Solaris Management Console (SMC) en Sun Solaris 8 hasta 10 anterior al 05/06/2007 permite a usuarios autenticados remotamente ejecutar código de su elección a través de vectores no especificados, relacionados con el servidor WBEM. • http://osvdb.org/36591 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102902-1 http://www.securityfocus.com/bid/24326 http://www.securitytracker.com/id?1018205 http://www.vupen.com/english/advisories/2007/2076 https://exchange.xforce.ibmcloud.com/vulnerabilities/34735 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1341 •