Page 7 of 135 results (0.014 seconds)

CVSS: 5.0EPSS: 2%CPEs: 8EXPL: 0

Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. • http://secunia.com/advisories/8944 http://sunsolve.sun.com/search/document.do?assetkey=1-26-55440-1 http://www.securityfocus.com/archive/1/324015 http://www.securityfocus.com/bid/7820 https://exchange.xforce.ibmcloud.com/vulnerabilities/12194 •

CVSS: 2.1EPSS: 0%CPEs: 34EXPL: 0

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. • http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp http://www.securityfocus.com/bid/6719 https://exchange.xforce.ibmcloud.com/vulnerabilities/11220 •

CVSS: 1.2EPSS: 0%CPEs: 10EXPL: 1

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. • https://www.exploit-db.com/exploits/22203 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html http://isec.pl/vulnerabilities/isec-0008-sun-at.txt http://secunia.com/advisories/7960 http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1 http://www.ciac.org/ciac/bulletins/n-070.shtml http://www.securityfocus.com/archive/1/308577 http://www.securityfocus.com/bid/6692 http://www.securityfocus.com/bid/6693 http://www.securitytracker.com/id?1005994&# •

CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0

Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files. Múltiples vulnerabilidades desconocidas en lpstat y la librería libprint en Solaris 2.6 a 9 puede permitir a atacantes ejecutar código arbitrario o leer o escribir ficheros arbitrarios. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57451 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4098 •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. • http://secunia.com/advisories/10411 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57443-1 http://www.auscert.org.au/render.html?it=3688 http://www.osvdb.org/2955 http://www.securityfocus.com/bid/9199 https://exchange.xforce.ibmcloud.com/vulnerabilities/13952 •