Page 65 of 438 results (0.012 seconds)

CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. Vulnerabilidad sin especificar en la implementación del protocolo SCTP en Sun Solaris 10 permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU y amplificación del tráfico de red) mediante un paquete SCTP manipulado. • http://secunia.com/advisories/29973 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236521-1 http://www.securityfocus.com/bid/29024 http://www.securitytracker.com/id?1019962 http://www.vupen.com/english/advisories/2008/1429/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5258 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0

Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet. Vulnerabilidad sin especificar en la implementación del protocolo SCTP en Sun Solaris 10 permite a atacantes remotos provocar una denegación de servicio (pánico) mediante un paquete SCTP manipulado. • http://secunia.com/advisories/29973 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236321-1 http://www.securityfocus.com/bid/29023 http://www.securitytracker.com/id?1019961 http://www.vupen.com/english/advisories/2008/1429/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5165 • CWE-16: Configuration •

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets. Sun Solaris 8, 9 y 10 permite usuarios con "privilegios remotos" provocar una denegación de servicio (pánico), mediante vectores desconocidos relacionados con los paquetes IP autoencapsulados. • http://secunia.com/advisories/29783 http://secunia.com/advisories/29817 http://sunsolve.sun.com/search/document.do?assetkey=1-26-235901-1 http://support.avaya.com/elmodocs2/security/ASA-2008-173.htm http://www.securityfocus.com/bid/28732 http://www.securitytracker.com/id?1019831 http://www.vupen.com/english/advisories/2008/1192/references http://www.vupen.com/english/advisories/2008/1325/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41762 https://oval.cisecurity.org • CWE-399: Resource Management Errors •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. Vulnerabilidad no especificada en la funcionalidad etiquetada de trabajo en red de Solaris 10 Trusted Extensions permite a aplicaciones en zonas etiquetadas separadas evitar las restricciones de etiquetas a través de vectores desconocidos. • http://secunia.com/advisories/29730 http://sunsolve.sun.com/search/document.do?assetkey=1-26-235421-1 http://www.securityfocus.com/bid/28734 http://www.securitytracker.com/id?1019832 http://www.vupen.com/english/advisories/2008/1194/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41764 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0

inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. inetd en Sun Solaris 10, cuando está habilitado la validación de depuración, permite a usuarios locales escribir en archivos de su elección a través de un ataque de enlaces simbólicos en el fichero temporal /var/tmp/inetd.log. • http://secunia.com/advisories/29654 http://securitytracker.com/id?1019781 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233284-1 http://www.securityfocus.com/bid/28584 http://www.vupen.com/english/advisories/2008/1076 https://exchange.xforce.ibmcloud.com/vulnerabilities/41626 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5369 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •