CVE-2002-1871
https://notcve.org/view.php?id=CVE-2002-1871
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1 http://www.iss.net/security_center/static/9544.php http://www.securityfocus.com/bid/5208
CVE-2002-2323
https://notcve.org/view.php?id=CVE-2002-2323
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1 http://www.iss.net/security_center/static/9665.php http://www.securityfocus.com/bid/5281 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-281: Improper Preservation of Permissions
CVE-2002-2425 – Sun AnswerBook2 1.x - Unauthorized Administrative Script Access
https://notcve.org/view.php?id=CVE-2002-2425
Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request. • https://www.exploit-db.com/exploits/21677 http://archives.neohapsis.com/archives/bugtraq/2002-07/0486.html http://www.iss.net/security_center/static/9756.php http://www.securityfocus.com/bid/5383 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2002-2203
https://notcve.org/view.php?id=CVE-2002-2203
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45502 http://www.iss.net/security_center/static/9492.php http://www.securityfocus.com/bid/5161
CVE-2002-2089
https://notcve.org/view.php?id=CVE-2002-2089
Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument. • http://cert.uni-stuttgart.de/archive/vuln-dev/2002/06/msg00262.html http://www.iss.net/security_center/static/9411.php http://www.securityfocus.com/bid/5085