CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0CVE-2006-4319
https://notcve.org/view.php?id=CVE-2006-4319
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. Desbordamiento de búfer en el comando format en Solaris 8, 9, y 10 permite a usuarios locales con acceso a format (tales y como el perfil RBAC "File System Management") ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad distinta de CVE-2006-4307. • http://secunia.com/advisories/21581 http://secunia.com/advisories/22295 http://securitytracker.com/id?1016727 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102519-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.securityfocus.com/bid/19657 http://www.vupen.com/english/advisories/2006/3355 https://exchange.xforce.ibmcloud.com/vulnerabilities/28519 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2164 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2006-4306
https://notcve.org/view.php?id=CVE-2006-4306
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile. Vulnerabilidad no especificada en Sun Solaris 8 y 9 versiones anteriores a 20060821 permite a atacantes remotos ejecutar sentencias de su elección mediante vectores sin especificar, involucrando la configuración del Control de Acceso por defecto basado en rol (RBAC) en el perfil "File System Management". • http://secunia.com/advisories/21581 http://secunia.com/advisories/22295 http://securitytracker.com/id?1016726 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.securityfocus.com/bid/19643 http://www.vupen.com/english/advisories/2006/3355 https://exchange.xforce.ibmcloud.com/vulnerabilities/28551 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1527 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2006-4307
https://notcve.org/view.php?id=CVE-2006-4307
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319. Vulnerabilidad no especificada en el comando de formato en Sun Solaris 8 y 9 anterior a 21/08/2006 permite a un usuario local modificar archivos de su elección a través de vectores no especificados que afectan al perfil que permite ejecutar el formato con privilegios elevados, un asunto diferente al de CVE-2006-4306. • http://secunia.com/advisories/21581 http://secunia.com/advisories/22295 http://securitytracker.com/id?1016726 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102514-1 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.securityfocus.com/bid/19647 http://www.vupen.com/english/advisories/2006/3355 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1573 •
CVSS: 5.0EPSS: 6%CPEs: 3EXPL: 0CVE-2006-3920
https://notcve.org/view.php?id=CVE-2006-3920
The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. La implementación TCP en Sun Solaris 8, 9, y 10 anterior a 20060726 permite a atacantes remotos provocar denegación de servicio (agotamiento de recursos) a través de una paquete TCP con secuencias de números incorrectos, lo cual dispara una tormenta de ACK. • http://secunia.com/advisories/21226 http://secunia.com/advisories/22425 http://securitytracker.com/id?1016589 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102206-1 http://support.avaya.com/elmodocs2/security/ASA-2006-204.htm http://www.vupen.com/english/advisories/2006/2997 https://exchange.xforce.ibmcloud.com/vulnerabilities/28048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1374 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3728
https://notcve.org/view.php?id=CVE-2006-3728
Unspecified vulnerability in the kernel in Solaris 10 with patch 118822-29 (118844-29 on x86) and without patch 118833-11 (118855-08) allows remote authenticated users to cause a denial of service via unspecified vectors that lead to "kernel data structure corruption" that can trigger a system panic, application failure, or "data corruption." Vulnerabilidad no especificada en el Kernel en Solaris 10 con 118822-29 (118844-29 sobre x86) y sin el parche 118833-11 (118855-08) permite a usuarios remotos validados provocar denegación de servicios a través de vectores no especificados que llevan a "corrupción de la estructura de datos del kernel" que puede disparar panico del sistema(panic system), fallo de aplicación, o "corrupción de datos". • http://secunia.com/advisories/21109 http://securitytracker.com/id?1016535 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102344-1 http://www.securityfocus.com/bid/19064 http://www.vupen.com/english/advisories/2006/2872 https://exchange.xforce.ibmcloud.com/vulnerabilities/27801 •