CVSS: 5.0EPSS: 1%CPEs: 210EXPL: 1CVE-2009-2029
https://notcve.org/view.php?id=CVE-2009-2029
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. Vulnerabilidad sin especificar en rpc.nisd en Sun Solaris v8 a la v10, y OpenSolaris anterior snv_104, permite a usuarios autenticados remotamente provocar una denegación e servicio( caída de demonio NIS+) a través de vectores no especificados relacionados con las llamadas de NIS+ ñ. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-112960-67-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256748-1 http://www.securityfocus.com/bid/35276 http://www.vupen.com/english/advisories/2009/1566 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6331 •
CVSS: 4.7EPSS: 0%CPEs: 227EXPL: 0CVE-2009-1933
https://notcve.org/view.php?id=CVE-2009-1933
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. Kerberos in Sun Solaris 8, 9, y 10, y OpenSolaris anterior a snv_117, no administra adecuadamente las credenciales de caché, lo que permite a usuarios locales acceder a puntos de montaje "Kerberized NFS" y recursos compartidos "Kerberized NFS" a través de vectores no especificados. • http://secunia.com/advisories/35341 http://secunia.com/advisories/35414 http://sunsolve.sun.com/search/document.do?assetkey=1-21-140841-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-252787-1 http://support.avaya.com/elmodocs2/security/ASA-2009-210.htm http://www.securityfocus.com/bid/35205 http://www.vupen.com/english/advisories/2009/1499 http://www.vupen.com/english/advisories/2009/1559 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 86%CPEs: 4EXPL: 0CVE-2008-3870
https://notcve.org/view.php?id=CVE-2008-3870
Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation. Desbordamiento de entero en sadmind en Sun Solaris v8 y v9 permite a atacantes remotos ejecutar código de forma arbitraria a través de una petición RPC manipulada que inicia un desbordamiento de búfer basado en montículo, relacionado con una localización de memoria no adecuada. • http://secunia.com/advisories/32473 http://secunia.com/advisories/35191 http://secunia.com/secunia_research/2008-47 http://sunsolve.sun.com/search/document.do?assetkey=1-21-116455-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-259468-1 http://support.avaya.com/elmodocs2/security/ASA-2009-195.htm http://www.osvdb.org/54668 http://www.securityfocus.com/archive/1/503772/100/0/threaded http://www.securityfocus.com/bid/35083 http://www.securitytracker.com/ • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 64%CPEs: 4EXPL: 0CVE-2008-3869
https://notcve.org/view.php?id=CVE-2008-3869
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters. Desbordamiento de búfer basado en entero en sadmind en Sun Solaris v8 y v9 permite a atacantes remotos ejecutar código de forma arbitraria a través de unas peticiones RPC manipuladas, relacionado con la decodificación inadecuada de parámetros "request". • http://secunia.com/advisories/32473 http://secunia.com/advisories/35191 http://secunia.com/secunia_research/2008-45 http://sunsolve.sun.com/search/document.do?assetkey=1-21-116455-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-259468-1 http://support.avaya.com/elmodocs2/security/ASA-2009-195.htm http://www.osvdb.org/54663 http://www.securityfocus.com/archive/1/503771/100/0/threaded http://www.securityfocus.com/bid/35083 http://www.securitytracker.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 226EXPL: 0CVE-2009-1276
https://notcve.org/view.php?id=CVE-2009-1276
XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. XScreenSaver en Sun Solaris v10 and OpenSolaris anteriores a snv_109, y Solaris v8 y v9 con GNOME v2.0 o v2.0.2, permite a atacantes próximos físicamente conseguir información sensible, leyendo las ventanas "PopUp"s, que se muestran cuando la pantalla se bloquea, como se demostró en las notificaciones de nuevo mensaje de Thunderbird. • http://securitytracker.com/id?1022009 http://sunsolve.sun.com/search/document.do?assetkey=1-21-120094-22-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-255308-1 http://www.securityfocus.com/bid/34421 http://www.vupen.com/english/advisories/2009/0978 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •