Page 56 of 438 results (0.013 seconds)

CVSS: 4.7EPSS: 0%CPEs: 202EXPL: 0

CVE-2009-0870

https://notcve.org/view.php?id=CVE-2009-0870

The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function. El modulo del servidor NFSv4 en el kernel en Sun Solaris v10, y OpenSolaris anterior a snv_111, permite a usuarios locales producir una denegación de servicio (bucle infinito y colgado de sistema) mediante el acceso a un fichero de sistema hsfs que esta compartido en NFSv4, relacionado con la función rfs4_op_readdir. • http://secunia.com/advisories/34193 http://secunia.com/advisories/34371 http://securitytracker.com/id?1021819 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139462-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-252469-1 http://support.avaya.com/elmodocs2/security/ASA-2009-090.htm http://www.securityfocus.com/bid/34031 http://www.vupen.com/english/advisories/2009/0635 http://www.vupen.com/english/advisories/2009/0765 https://exchange.xforce.ibmcloud& • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2009-0857

https://notcve.org/view.php?id=CVE-2009-0857

Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en /prm/reports en Performance Reporting Module (PRM) para Sun Management Center (SunMC) v3.6.1 y v4.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "msg". NOTA: esto puede ser aprovechados para el acceso a la Consola Web SunMC. • http://secunia.com/advisories/34146 http://securitytracker.com/id?1021809 http://sunsolve.sun.com/search/document.do?assetkey=1-21-125191-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-247046-1 http://www.securityfocus.com/bid/33999 http://www.vupen.com/english/advisories/2009/0605 https://exchange.xforce.ibmcloud.com/vulnerabilities/49076 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 168EXPL: 0

CVE-2009-0480

https://notcve.org/view.php?id=CVE-2009-0480

The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets. La implementación IP en Sun Solaris v8 a la v10 y OpenSolaris anterior a snv_82, emplea una arena inadecuada cuando al asignar números secundarios para sockets, lo que permite a usuarios locales provocar una denegación de servicio (fallo en la aplicación 32-bit o parada de login) mediante la apertura de un gran número de sockets. • http://mail.opensolaris.org/pipermail/onnv-notify/2008-January/013262.html http://secunia.com/advisories/33751 http://securitytracker.com/id?1021653 http://sunsolve.sun.com/search/document.do?assetkey=1-21-116965-34-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-248026-1 http://support.avaya.com/elmodocs2/security/ASA-2009-042.htm http://www.securityfocus.com/bid/33550 http://www.vupen.com/english/advisories/2009/0364 https://oval.cisecurity.org/repository/search/def • CWE-189: Numeric Errors •

CVSS: 5.4EPSS: 2%CPEs: 74EXPL: 0

CVE-2008-6024

https://notcve.org/view.php?id=CVE-2008-6024

Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors. Vulnerabilidad no especificada en el módulo del kernel del cliente NFSv4 de Sun Solaris v10 y OpenSolaris en versiones anteriores a snv_37. Cuando se utiliza automountd, permite a atacantes remotos, con la intervención del usuario, causar un ataque de denegación de servicio sobre los sistemas de archivos de tipo NFS mediante vectores de ataque desconocidos. • http://secunia.com/advisories/31517 http://securitytracker.com/id?1020716 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240546-1 http://www.securityfocus.com/bid/30753 http://www.vupen.com/english/advisories/2008/2415 https://exchange.xforce.ibmcloud.com/vulnerabilities/44546 • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 190EXPL: 0

CVE-2009-0346

https://notcve.org/view.php?id=CVE-2009-0346

The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. La implementacion del procesado del paquete IP-en-IP en la pila de IPsec e IP en Sun Solaris v9 y v10, y OpenSolaris desde snv_01 hasta snv_85, permite a usuarios locales producir una denegacion de servicio (panic) a traves de un paquete autoencapsulado que carece de proteccion IPsec. • http://secunia.com/advisories/33727 http://sunsolve.sun.com/search/document.do?assetkey=1-21-114344-38-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-240086-1 http://support.avaya.com/elmodocs2/security/ASA-2009-043.htm http://www.securityfocus.com/bid/33504 http://www.vupen.com/english/advisories/2009/0365 https://exchange.xforce.ibmcloud.com/vulnerabilities/48328 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6088 • CWE-310: Cryptographic Issues •