CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-1673
https://notcve.org/view.php?id=CVE-2009-1673
18 May 2009 — The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD. El Kernel en Sun Solaris v9 permite a usuarios locales provocar una denegación de servicio (panic) llamando a fstat con un primer argumento de AT_FDCWD. • http://osvdb.org/54464 •
CVSS: 4.6EPSS: 0%CPEs: 226EXPL: 0CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
09 Apr 2009 — XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ven... • http://securitytracker.com/id?1022009 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1207
https://notcve.org/view.php?id=CVE-2009-1207
01 Apr 2009 — Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. Condición Race en la secuencia de comandos en Sun Solaris v8 hasta v10, y OpenSolaris snv_01 hasta snv_111, permite a los usuario locales sobrescribir arbitrariamente archivos, probablemente involucra un ataque de enlace simbólico en archivos temporales. • http://secunia.com/advisories/34558 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0874
https://notcve.org/view.php?id=CVE-2009-0874
12 Mar 2009 — Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Vulnerabilidades múltiples no especificadas en el subsistema Doors en el kernel en Sun Solaris v8 ha... • http://secunia.com/advisories/34227 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 192EXPL: 0CVE-2009-0875
https://notcve.org/view.php?id=CVE-2009-0875
12 Mar 2009 — Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. Condición de carrera en el subsistema Doors en el kernel en Sun Solaris v8 hasta v10, y OpenSolaris anterior a snv_94, permite a los usuarios locales causar una denegació... • http://osvdb.org/52561 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2009-0857
https://notcve.org/view.php?id=CVE-2009-0857
09 Mar 2009 — Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en /prm/reports en Performance Reporting Module (PRM) para Sun Management Center (SunMC) v3.6.1 y v4.0, permite a atacantes remotos inye... • http://secunia.com/advisories/34146 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 168EXPL: 0CVE-2009-0480
https://notcve.org/view.php?id=CVE-2009-0480
09 Feb 2009 — The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. La implementación IP en Sun Solaris v8 a la v10 y OpenSolaris anterior a snv_82, emplea una arena inadecuada cuando al asignar números secundarios para sockets, lo que permite a usuarios locales provocar una denegación de serv... • http://mail.opensolaris.org/pipermail/onnv-notify/2008-January/013262.html • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2009-0346
https://notcve.org/view.php?id=CVE-2009-0346
29 Jan 2009 — The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. La implementacion del procesado del paquete IP-en-IP en la pila de IPsec e IP en Sun Solaris v9 y v10, y OpenSolaris desde snv_01 hasta snv_85, permite a usuarios locales producir una denegacion de servicio (panic) a traves de un paquete autoenca... • http://secunia.com/advisories/33727 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 210EXPL: 0CVE-2009-0319
https://notcve.org/view.php?id=CVE-2009-0319
28 Jan 2009 — Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." Vulnerabilidad sin especificar en el módulo autofs en el kernel en Sun Solaris 8 a la 10, y OpenSolaris anterior a snv_108, permite a usuarios locales provocar una denegación de servicio (parada del montaje autofs) o posiblemente la obtención... • http://secunia.com/advisories/33665 •
CVSS: 7.5EPSS: 1%CPEs: 192EXPL: 0CVE-2009-0267
https://notcve.org/view.php?id=CVE-2009-0267
26 Jan 2009 — libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. libike en Sun Solaris v9 y v10, y OpenSolaris anteriores a snv_100, no chequean los paquetes de forma apropiada, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio in.iked) a través de paquetes IKE no especificados, e... • http://secunia.com/advisories/33702 • CWE-20: Improper Input Validation •