Page 55 of 391 results (0.016 seconds)

CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 1

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. • https://www.exploit-db.com/exploits/19509 http://www.securityfocus.com/bid/659 •

CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 1

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. • https://www.exploit-db.com/exploits/19498 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192 http://www.securityfocus.com/bid/636 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1880 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 2

Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. • https://www.exploit-db.com/exploits/19529 http://marc.info/?l=bugtraq&m=93727925026476&w=2 http://marc.info/?l=bugtraq&m=93846422810162&w=2 http://www.securityfocus.com/bid/672 https://exchange.xforce.ibmcloud.com/vulnerabilities/3297 •

CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 1

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. • https://www.exploit-db.com/exploits/19497 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192 http://www.securityfocus.com/bid/635 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3078 •

CVSS: 7.5EPSS: 1%CPEs: 33EXPL: 0

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192 http://www.ciac.org/ciac/bulletins/k-001.shtml http://www.securityfocus.com/bid/637 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103 •