Page 5 of 64 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). • http://marc.info/?l=bugtraq&m=97983943716311&w=2 http://marc.info/?l=bugtraq&m=98028642319440&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/6224 •

CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 https://www.exploit-db.com/exploits/209 https://www.exploit-db.com/exploits/215 https://www.exploit-db.com/exploits/249 https://www.exploit-db.com/exploits/20185 https://www.exploit-db.com/exploits/210 https://www.exploit-db.com/exploits/20188 https://www.exploit-db.com/exploits/20186 https://www.exploit-db.com/exploits/197 https://www.exploit-db.com/exploits/20189 https://www.exploit-db.com/exploits/20190 ftp: • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 26EXPL: 2

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. • https://www.exploit-db.com/exploits/20014 http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210 http://www.kb.cert.org/vuls/id/36866 http://www.osvdb.org/1398 http://www.securityfocus.com/bid/1348 https://exchange.xforce.ibmcloud.com/vulnerabilities/4711 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. • http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1 •

CVSS: 7.5EPSS: 1%CPEs: 33EXPL: 0

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192 http://www.ciac.org/ciac/bulletins/k-001.shtml http://www.securityfocus.com/bid/637 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103 •