CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ventanas "PopUp"s, que se muestran cuando la pantalla se bloquea, como se demostró en las notificaciones de nuevo mensaje de Thunderbird. • http://securitytracker.com/id?1022009 http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-22-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1 http://www.securityfocus.com/bid/34421 http://www.vupen.com/english/advisories/2009/0978 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2009-1207
https://notcve.org/view.php?id=CVE-2009-1207
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files. Condición Race en la secuencia de comandos en Sun Solaris v8 hasta v10, y OpenSolaris snv_01 hasta snv_111, permite a los usuario locales sobrescribir arbitrariamente archivos, probablemente involucra un ataque de enlace simbólico en archivos temporales. • http://secunia.com/advisories/34558 http://secunia.com/advisories/34813 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138897-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-253468-1 http://support.avaya.com/elmodocs2/security/ASA-2009-140.htm http://www.securityfocus.com/bid/34316 http://www.vupen.com/english/advisories/2009/1105 https://exchange.xforce.ibmcloud.com/vulnerabilities/49526 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mit • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2009-0923
https://notcve.org/view.php?id=CVE-2009-0923
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server. Vulnerabilidad sin especificar en Kerberos Incremental Propagation en Solaris 10 y OpenSolaris snv_01 hasta snv_110 permite a atacantes remotos provocar una denegación de servicio (perdida de peticiones de propagación incremental a servidores KDC esclavos) a través de vectores desconocidos relacionados con el servidor maestro Key Distribution Center (KDC) • http://secunia.com/advisories/34298 http://secunia.com/advisories/34487 http://sunsolve.sun.com/search/document.do?assetkey=1-26-249926-1 http://support.avaya.com/elmodocs2/security/ASA-2009-102.htm http://www.securityfocus.com/bid/34139 http://www.securitytracker.com/id?1021851 http://www.vupen.com/english/advisories/2009/0741 http://www.vupen.com/english/advisories/2009/0875 https://exchange.xforce.ibmcloud.com/vulnerabilities/49276 https://oval.cisecurity.org/repository/search •
CVE-2009-0913
https://notcve.org/view.php?id=CVE-2009-0913
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. Vulnerabilidad no especificada en el módulo keysock del kernel en Solaris v10 y OpenSolaris versiones vsnv_01 hasta vsnv_108 permite a usuarios locales provocar una denegación de servicio (error irrecuperable del sistema) mediante vectores desconocidos relacionados con el socket PF_KEY, relacionado probablemente con las opciones de configuración del socket. • http://osvdb.org/52678 http://secunia.com/advisories/34277 http://secunia.com/advisories/34456 http://sunsolve.sun.com/search/document.do?assetkey=1-66-253568-1 http://support.avaya.com/elmodocs2/security/ASA-2009-099.htm http://www.securityfocus.com/bid/34118 http://www.securitytracker.com/id?1021846 http://www.vupen.com/english/advisories/2009/0717 http://www.vupen.com/english/advisories/2009/0817 https://exchange.xforce.ibmcloud.com/vulnerabilities/49247 https://oval. •
CVE-2009-0874
https://notcve.org/view.php?id=CVE-2009-0874
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. Vulnerabilidades múltiples no especificadas en el subsistema Doors en el kernel en Sun Solaris v8 hasta v10, y OpenSolaris anteriores a snv_94, permite a los usuarios locales causar una denegación de servicio (cuelgue del proceso), o posiblemente evitar los permisos del archivo o obtener privilegios kernel-context, a través de vectores incluyendo los relativos a (1) argumento que maneja deadlook en una puerta de servidor (2) problemas watchpoint en la función door_call. • http://secunia.com/advisories/34227 http://secunia.com/advisories/34375 http://sunsolve.sun.com/search/document.do?assetkey=1-21-117350-61-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-242486-1 http://support.avaya.com/elmodocs2/security/ASA-2009-095.htm http://www.securityfocus.com/bid/34081 http://www.securitytracker.com/id?1021840 http://www.vupen.com/english/advisories/2009/0673 http://www.vupen.com/english/advisories/2009/0766 • CWE-399: Resource Management Errors •