CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1684
https://notcve.org/view.php?id=CVE-2008-1684
inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. inetd en Sun Solaris 10, cuando está habilitado la validación de depuración, permite a usuarios locales escribir en archivos de su elección a través de un ataque de enlaces simbólicos en el fichero temporal /var/tmp/inetd.log. • http://secunia.com/advisories/29654 http://securitytracker.com/id?1019781 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233284-1 http://www.securityfocus.com/bid/28584 http://www.vupen.com/english/advisories/2008/1076 https://exchange.xforce.ibmcloud.com/vulnerabilities/41626 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5369 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.3EPSS: 10%CPEs: 2EXPL: 2CVE-2008-1480 – SunOS 5.10 Sun Cluster - 'rpc.metad' Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-1480
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request. rpc.metad de Sun Solaris 10 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición RPC malformada. • https://www.exploit-db.com/exploits/5258 http://secunia.com/advisories/29418 http://sunsolve.sun.com/search/document.do?assetkey=1-26-249146-1 http://support.avaya.com/elmodocs2/security/ASA-2009-015.htm http://www.securityfocus.com/bid/28261 http://www.securitytracker.com/id?1019652 http://www.vupen.com/english/advisories/2008/0918/references http://www.vupen.com/english/advisories/2009/0206 https://exchange.xforce.ibmcloud.com/vulnerabilities/41224 https://oval.cisecurity.org&#x •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1356
https://notcve.org/view.php?id=CVE-2008-1356
Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using the GNOME On-Screen Keyboard (GOK), allows local users to bypass authentication via unknown vectors that cause the screen saver to crash. Vulnerabilidad no especificada en xscreensaver en Sun Solaris 10 Java Desktop System (JDS), usando el GNOME On-Screen Keyboard (GOK), permite a usuarios locales saltarse la autenticación mediante vectores no especificados que pueden provocar un fallo del salva pantallas (screen saver). • http://secunia.com/advisories/29368 http://sunsolve.sun.com/search/document.do?assetkey=1-26-234661-1 http://www.securityfocus.com/bid/28243 http://www.securitytracker.com/id?1019614 http://www.vupen.com/english/advisories/2008/0875/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41191 • CWE-287: Improper Authentication •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1317
https://notcve.org/view.php?id=CVE-2008-1317
Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues. Vulnerabilidad no especificada en el subsistema de cola de mensajes de Inter-Process Communication (IPC) en Sun Solaris 10 permite a usuarios locales provocar una denegación de servicio (reinicio) mediante la utilización de colas de mensaje de E/S bloqueados. • http://secunia.com/advisories/29352 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231403-1 http://www.securityfocus.com/bid/28214 http://www.vupen.com/english/advisories/2008/0858/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41146 •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2008-1286
https://notcve.org/view.php?id=CVE-2008-1286
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors. Vulnerabilidad no especificada en Sun Java Web Console 3.0.2, 3.0.3 y 3.0.4 permite a atacantes remotos evitar las restricciones de acceso planeadas y determinar la existencia de ficheros o directorios mediante vectores desconocidos. • http://secunia.com/advisories/29290 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231526-1 http://www.securityfocus.com/bid/28155 http://www.securitytracker.com/id?1019574 http://www.vupen.com/english/advisories/2008/0806/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41069 •