CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2009-0857
https://notcve.org/view.php?id=CVE-2009-0857
09 Mar 2009 — Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en /prm/reports en Performance Reporting Module (PRM) para Sun Management Center (SunMC) v3.6.1 y v4.0, permite a atacantes remotos inye... • http://secunia.com/advisories/34146 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 168EXPL: 0CVE-2009-0480
https://notcve.org/view.php?id=CVE-2009-0480
09 Feb 2009 — The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. La implementación IP en Sun Solaris v8 a la v10 y OpenSolaris anterior a snv_82, emplea una arena inadecuada cuando al asignar números secundarios para sockets, lo que permite a usuarios locales provocar una denegación de serv... • http://mail.opensolaris.org/pipermail/onnv-notify/2008-January/013262.html • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 0CVE-2009-0346
https://notcve.org/view.php?id=CVE-2009-0346
29 Jan 2009 — The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. La implementacion del procesado del paquete IP-en-IP en la pila de IPsec e IP en Sun Solaris v9 y v10, y OpenSolaris desde snv_01 hasta snv_85, permite a usuarios locales producir una denegacion de servicio (panic) a traves de un paquete autoenca... • http://secunia.com/advisories/33727 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 210EXPL: 0CVE-2009-0319
https://notcve.org/view.php?id=CVE-2009-0319
28 Jan 2009 — Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." Vulnerabilidad sin especificar en el módulo autofs en el kernel en Sun Solaris 8 a la 10, y OpenSolaris anterior a snv_108, permite a usuarios locales provocar una denegación de servicio (parada del montaje autofs) o posiblemente la obtención... • http://secunia.com/advisories/33665 •
CVSS: 7.5EPSS: 1%CPEs: 192EXPL: 0CVE-2009-0267
https://notcve.org/view.php?id=CVE-2009-0267
26 Jan 2009 — libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. libike en Sun Solaris v9 y v10, y OpenSolaris anteriores a snv_100, no chequean los paquetes de forma apropiada, lo que permite a atacantes remotos provocar una denegación de servicio (caída del demonio in.iked) a través de paquetes IKE no especificados, e... • http://secunia.com/advisories/33702 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 210EXPL: 0CVE-2009-0268
https://notcve.org/view.php?id=CVE-2009-0268
26 Jan 2009 — Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. Una condición de carrera en el pseudo-terminal (alias PTY) en el módulo controlador de Sun Solaris 8 a 10, y OpenSolaris en versiones anteriores a la snv_103, permite a usuarios locales provocar una denegación de servicio (con un panic del kernel)... • http://secunia.com/advisories/33708 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2009-0132
https://notcve.org/view.php?id=CVE-2009-0132
15 Jan 2009 — Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument). Desbordamiento de entero en la función aio_suspend en Sun Solaris v8 hasta la v10 y OpenSolaris cuando el modo 32-bit esta activado, permitiendo a usuarios locales causar una denegación de servicio (causando un panic) a través de un valor de entero largo en el segund... • http://secunia.com/advisories/33516 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-5746
https://notcve.org/view.php?id=CVE-2008-5746
29 Dec 2008 — Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files. Sun SNMP Management Agent (SUNWmasf) v1.4u2 a la v1.5.4, permite a usuarios locales sobrescribir ficheros de su elección y obtener privilegios a través de un ataque de enlace simbólico sobre ficheros temporales. • http://osvdb.org/50987 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 1%CPEs: 91EXPL: 0CVE-2008-5684
https://notcve.org/view.php?id=CVE-2008-5684
19 Dec 2008 — Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session). Una vulnerabilidad sin especificar en el X Inter Client Exchange library (tambien llamado libICE) en Sun Solaris 8 a 10 y en versiones de OpenSolaris anteriores a la snv_8... • http://secunia.com/advisories/33157 • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 210EXPL: 0CVE-2008-5690
https://notcve.org/view.php?id=CVE-2008-5690
19 Dec 2008 — The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. La funcionalidad de renovación de credenciales de Kerberos en Sun Solaris versiones 8, 9 y 10, y OpenSolaris build snv_01 hasta snv_104, permite a usuarios locales causar una denegació... • http://secunia.com/advisories/33042 • CWE-255: Credentials Management Errors •