CVSS: 4.9EPSS: 0%CPEs: 216EXPL: 0CVE-2009-2135
https://notcve.org/view.php?id=CVE-2009-2135
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. Múltiples condiciones de carrera en el Solaris Event Port API en Sun Solaris v10 y OpenSolaris versiones anteriores a snv_107 permite a usuarios locales provocar una denegación de servicio (panic) mediante vectore no especificados relacionados con una carrera entre las funciones "port_dissociate" y "close". • http://osvdb.org/55231 http://osvdb.org/55232 http://secunia.com/advisories/35279 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141414-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-260449-1 http://support.avaya.com/elmodocs2/security/ASA-2009-246.htm http://www.securityfocus.com/bid/35437 http://www.securitytracker.com/id?1022422 http://www.vupen.com/english/advisories/2009/1634 https://exchange.xforce.ibmcloud.com/vulnerabilities/51284 https:&# • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 1%CPEs: 210EXPL: 1CVE-2009-2029
https://notcve.org/view.php?id=CVE-2009-2029
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. Vulnerabilidad sin especificar en rpc.nisd en Sun Solaris v8 a la v10, y OpenSolaris anterior snv_104, permite a usuarios autenticados remotamente provocar una denegación e servicio( caída de demonio NIS+) a través de vectores no especificados relacionados con las llamadas de NIS+ ñ. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-67-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256748-1 http://www.securityfocus.com/bid/35276 http://www.vupen.com/english/advisories/2009/1566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6331 •
CVSS: 4.7EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1933
https://notcve.org/view.php?id=CVE-2009-1933
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. Kerberos in Sun Solaris 8, 9, y 10, y OpenSolaris anterior a snv_117, no administra adecuadamente las credenciales de caché, lo que permite a usuarios locales acceder a puntos de montaje "Kerberized NFS" y recursos compartidos "Kerberized NFS" a través de vectores no especificados. • http://secunia.com/advisories/35341 http://secunia.com/advisories/35414 http://sunsolve.sun.com/search/document.do?assetkey=1-21-140841-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-252787-1 http://support.avaya.com/elmodocs2/security/ASA-2009-210.htm http://www.securityfocus.com/bid/35205 http://www.vupen.com/english/advisories/2009/1499 http://www.vupen.com/english/advisories/2009/1559 • CWE-255: Credentials Management Errors •
CVSS: 4.9EPSS: 0%CPEs: 227EXPL: 1CVE-2009-1478 – Solaris 10 / OpenSolaris - 'dtrace' Local Kernel Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2009-1478
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors. Múltiples vulnerabilidades no especificadas en los manipuladores DTrace ioctl en Sun Solaris v10 y OpenSolaris anteriores a snv_114, permiten a usuarios locales provocar una denegación de servicio (panic) a través de vectores desconocidos. • https://www.exploit-db.com/exploits/8597 http://osvdb.org/54138 http://secunia.com/advisories/34836 http://secunia.com/advisories/35098 http://sunsolve.sun.com/search/document.do?assetkey=1-66-257708-1 http://support.avaya.com/elmodocs2/security/ASA-2009-171.htm http://www.securityfocus.com/bid/34753 http://www.securitytracker.com/id?1022143 http://www.vupen.com/english/advisories/2009/1199 http://www.vupen.com/english/advisories/2009/1378 https://exchange.xforce.ibm •
CVSS: 2.1EPSS: 0%CPEs: 226EXPL: 0CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ventanas "PopUp"s, que se muestran cuando la pantalla se bloquea, como se demostró en las notificaciones de nuevo mensaje de Thunderbird. • http://securitytracker.com/id?1022009 http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-22-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1 http://www.securityfocus.com/bid/34421 http://www.vupen.com/english/advisories/2009/0978 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •