CVSS: 7.1EPSS: 0%CPEs: 210EXPL: 0CVE-2008-5690
https://notcve.org/view.php?id=CVE-2008-5690
19 Dec 2008 — The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. La funcionalidad de renovación de credenciales de Kerberos en Sun Solaris versiones 8, 9 y 10, y OpenSolaris build snv_01 hasta snv_104, permite a usuarios locales causar una denegació... • http://secunia.com/advisories/33042 • CWE-255: Credentials Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 30EXPL: 0CVE-2008-5423
https://notcve.org/view.php?id=CVE-2008-5423
11 Dec 2008 — Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector. Sun Ray Server Software v3.x y v4.0 y Sun Ray Windows Connector v1.1 y v2.0 exponen la contraseña LDAP... • http://secunia.com/advisories/33108 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2008-5422
https://notcve.org/view.php?id=CVE-2008-5422
11 Dec 2008 — Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors. Sun Sun Ray Server Software v3.1 a v4.0 no restringe el acceso apropiadamente, lo que permite a atacantes remotos descubrir la contraseña de administración de Sun Ray y obtener acceso admin a el Data Store y la Administration GUI, mediante vectores no especificad... • http://secunia.com/advisories/33108 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 5%CPEs: 210EXPL: 1CVE-2008-5010 – Ubuntu 6.06 - DHCPd Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-5010
10 Nov 2008 — in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. in.dhcpd para la implementación DHCP de Sun Solaris v8 hasta v10 y OpenSolaris anterior a snv_103; permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida del demonio) a través de solicitudes DHCP desconocidas... • https://www.exploit-db.com/exploits/4601 •
CVSS: 7.5EPSS: 1%CPEs: 2049EXPL: 1CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •
CVSS: 10.0EPSS: 83%CPEs: 4EXPL: 5CVE-2008-4556 – Solaris 9 (UltraSPARC) - 'sadmind' Remote Code Execution
https://notcve.org/view.php?id=CVE-2008-4556
14 Oct 2008 — Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request. Desbordamiento de búfer basado en la pila, en la función adm_build_path de sadmind en Solstice AdminSuite de Sun, en Solaris 8 y 9, permite a un atacante remoto ejecutar código de su elección por medio de una petición manipulada. • https://www.exploit-db.com/exploits/6786 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 177EXPL: 0CVE-2008-4160
https://notcve.org/view.php?id=CVE-2008-4160
22 Sep 2008 — Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation. Vulnerabilidad sin especificar en el módulo UFS en Sun Solaris v8 a la v10 y OpenSolaris, permite a usuarios locales provocar una denegación de servicio (puntero a referencia NULL y kernel panic) a través de vectores desconocidos relacionados con ... • http://secunia.com/advisories/31919 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2008-4131 – Sun Solaris 9/10 Text Editors - Command Execution
https://notcve.org/view.php?id=CVE-2008-4131
19 Sep 2008 — Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs. Múltiples vulnerabilidades inespecíficas en Sun Solaris 8 a 10 permite a atacantes remotos aumentar privilegios a través de vectores relacionados con el manejo de etiquetas con la opcion (1) -t y (2) el comando :tag en los programas (a) vi, (b) ex, (c) ve... • https://www.exploit-db.com/exploits/32393 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2008-3875
https://notcve.org/view.php?id=CVE-2008-3875
02 Sep 2008 — The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls. El núcleo de Sun Solaris 8 hasta 10 y OpenSolaris anterior a snv_90, permite a usuarios locales evitar chroot, zones y la política de seguridad multi nivel de Solaris Trusted Extensions, y establecer un canal de comunicación encubierto, a tr... • http://secunia.com/advisories/31667 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 13%CPEs: 23EXPL: 0CVE-2008-0965
https://notcve.org/view.php?id=CVE-2008-0965
08 Aug 2008 — Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. Múltiples vulnerabilidades de cadena de formato en snoop sobre Sun Solaris versión 8 hasta 10 y OpenSolaris anterior a la versión snv_96, cuando se omite la opción -o, permiten a los atacantes remotos ejecutar código arbitrario por medio de especificadores de cadena de formato ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=735 • CWE-134: Use of Externally-Controlled Format String •