CVSS: 7.5EPSS: 65%CPEs: 10EXPL: 1CVE-2003-0027 – Solaris KCMS + TTDB Arbitrary File Read
https://notcve.org/view.php?id=CVE-2003-0027
07 Feb 2003 — Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. Vulnerabilidad de atravesamiento de directorios en el demonio servidor de Sun Kodak Color Management System (KMCS) (kcms_server) permite a atacantes remotos leer ficheros arbitrarios mediante el procedimiento KCS_OPEN_PROFILE • https://packetstorm.news/files/id/180772 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2003-1075
https://notcve.org/view.php?id=CVE-2003-1075
27 Jan 2003 — Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. • http://secunia.com/advisories/7968 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 3CVE-2003-1071 – Sun Solaris 2.5.1/2.6/7.0/8/9 Wall - Spoofed Message Origin
https://notcve.org/view.php?id=CVE-2003-1071
03 Jan 2003 — rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. • https://www.exploit-db.com/exploits/22120 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1871
https://notcve.org/view.php?id=CVE-2002-1871
31 Dec 2002 — pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2002-1980
https://notcve.org/view.php?id=CVE-2002-1980
31 Dec 2002 — Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45707 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2002-2203
https://notcve.org/view.php?id=CVE-2002-2203
31 Dec 2002 — Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45502 •
CVSS: 10.0EPSS: 5%CPEs: 59EXPL: 0CVE-2002-1584
https://notcve.org/view.php?id=CVE-2002-1584
27 Dec 2002 — Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. • ftp://patches.sgi.com/support/free/security/advisories/20030402-01-P •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2002-1296
https://notcve.org/view.php?id=CVE-2002-1296
23 Dec 2002 — Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. • http://marc.info/?l=bugtraq&m=103842619803173&w=2 •
CVSS: 7.5EPSS: 2%CPEs: 15EXPL: 0CVE-2002-1345
https://notcve.org/view.php?id=CVE-2002-1345
17 Dec 2002 — Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. • ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A •
CVSS: 9.8EPSS: 32%CPEs: 37EXPL: 1CVE-2002-1317 – XFree86 X11R6 3.3.x - Font Server Remote Buffer Overrun
https://notcve.org/view.php?id=CVE-2002-1317
11 Dec 2002 — Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. Desbordamiento de búfer en la rutina Dispatch() en el servidor de fuentes XFS (fs.auto) en Solaris 2.5.1 a 9 permite a atacantes remotos causar una denegación de servicio (caída) o ejecutar código arbitrario mediante una cierta petición XFS. • https://www.exploit-db.com/exploits/22036 •