CVSS: 7.5EPSS: 1%CPEs: 221EXPL: 1CVE-2009-0872
https://notcve.org/view.php?id=CVE-2009-0872
11 Mar 2009 — The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. El servidor NFS en Sun Solaris 10 y Opensolaris anterios a svn_111, no implementa adecuadamente el modo de seguridad AUTH_NONE (también conocido como sec=none)... • http://osvdb.org/52559 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 202EXPL: 0CVE-2009-0870
https://notcve.org/view.php?id=CVE-2009-0870
10 Mar 2009 — The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. El modulo del servidor NFSv4 en el kernel en Sun Solaris v10, y OpenSolaris anterior a snv_111, permite a usuarios locales producir una denegación de servicio (bucle infinito y colgado de sistema) mediante el acceso a un fichero de sistema h... • http://secunia.com/advisories/34193 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 40EXPL: 0CVE-2009-0838
https://notcve.org/view.php?id=CVE-2009-0838
06 Mar 2009 — The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function. El controlador crypto pseudo en Sun Solaris v10, y OpenSolaris snv_88 hasta snv_102, no libera memoria adecuadamente, lo cual permite a usuarios locales provocar una denegación de servicio (pánico) a través de vectores no especificados, relacionado con la funci... • http://secunia.com/advisories/34149 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 168EXPL: 0CVE-2009-0480
https://notcve.org/view.php?id=CVE-2009-0480
09 Feb 2009 — The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. La implementación IP en Sun Solaris v8 a la v10 y OpenSolaris anterior a snv_82, emplea una arena inadecuada cuando al asignar números secundarios para sockets, lo que permite a usuarios locales provocar una denegación de serv... • http://mail.opensolaris.org/pipermail/onnv-notify/2008-January/013262.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 1CVE-2009-0477
https://notcve.org/view.php?id=CVE-2009-0477
08 Feb 2009 — Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem. Vulnerabilidad sin especificar en "process filesystem" (también conocido como proc) en Sun OpenSolaris de la v.snv_85 a la v.snv_100, permite a usuarios locales obtener privilegios a través de vectores relacionados con el "contract filesystem". • http://sunsolve.sun.com/search/document.do?assetkey=1-66-244026-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 3%CPEs: 74EXPL: 0CVE-2008-6024
https://notcve.org/view.php?id=CVE-2008-6024
02 Feb 2009 — Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. Vulnerabilidad no especificada en el módulo del kernel del cliente NFSv4 de Sun Solaris v10 y OpenSolaris en versiones anteriores a snv_37. Cuando se utiliza automountd, permite a atacantes remotos, con la intervención del usuario, causar un ataque de ... • http://secunia.com/advisories/31517 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 210EXPL: 0CVE-2009-0319
https://notcve.org/view.php?id=CVE-2009-0319
28 Jan 2009 — Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." Vulnerabilidad sin especificar en el módulo autofs en el kernel en Sun Solaris 8 a la 10, y OpenSolaris anterior a snv_108, permite a usuarios locales provocar una denegación de servicio (parada del montaje autofs) o posiblemente la obtención... • http://secunia.com/advisories/33665 •
CVSS: 7.8EPSS: 35%CPEs: 217EXPL: 1CVE-2009-0304 – SunOS Release 5.11 snv_101b - Remote IPv6 Crash
https://notcve.org/view.php?id=CVE-2009-0304
27 Jan 2009 — The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. El kernel en Sun Solaris versiones 10 y 11 snv_101b, y OpenSolaris anterior a snv_108, permite a los atacantes remotos causar una denegación de servicio (bloqueo del sistema) por medio de un paquete IPv6 diseñado, relacionado con una "insuffic... • https://www.exploit-db.com/exploits/7865 •
CVSS: 4.9EPSS: 0%CPEs: 210EXPL: 0CVE-2009-0268
https://notcve.org/view.php?id=CVE-2009-0268
26 Jan 2009 — Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. Una condición de carrera en el pseudo-terminal (alias PTY) en el módulo controlador de Sun Solaris 8 a 10, y OpenSolaris en versiones anteriores a la snv_103, permite a usuarios locales provocar una denegación de servicio (con un panic del kernel)... • http://secunia.com/advisories/33708 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 4%CPEs: 192EXPL: 0CVE-2009-0267
https://notcve.org/view.php?id=CVE-2009-0267
26 Jan 2009 — libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. libike en Sun Solaris v9 y v10, y OpenSolaris anteriores a snv_100, no chequean los paquetes de forma apropiada, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio in.iked) a través de paquetes IKE no especificados, e... • http://secunia.com/advisories/33702 • CWE-20: Improper Input Validation •