CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2005-3674
https://notcve.org/view.php?id=CVE-2005-3674
The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html http://secunia.com/advisories/17554 http://securitytracker.com/id?1015210 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102040-1 http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp http://www.kb.cert.org/vuls/id/226364 http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en http://www.securityfocus.com/bid/15420 http://www.vupen.com/english/advisories/2005/2417 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2005-3398
https://notcve.org/view.php?id=CVE-2005-3398
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. • http://secunia.com/advisories/17334 http://securitytracker.com/id?1015112 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102016-1 http://www.securityfocus.com/bid/15222 http://www.vupen.com/english/advisories/2005/2226 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1445 https://owasp.org/www-community/attacks/Cross_Site_Tracing • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3250
https://notcve.org/view.php?id=CVE-2005-3250
Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. • http://securitytracker.com/id?1015062 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101987-1 http://www.osvdb.org/20069 http://www.securityfocus.com/bid/15115 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3238
https://notcve.org/view.php?id=CVE-2005-3238
Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. • http://secunia.com/advisories/17198 http://securitytracker.com/id?1015059 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101881-1 http://www.osvdb.org/20013 •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3099
https://notcve.org/view.php?id=CVE-2005-3099
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. • http://secunia.com/advisories/16955 http://secunia.com/advisories/17246 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101800-1 http://support.avaya.com/elmodocs2/security/ASA-2005-220.pdf http://www.osvdb.org/19699 http://www.osvdb.org/19700 https://exchange.xforce.ibmcloud.com/vulnerabilities/22410 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A943 •