Page 84 of 609 results (0.003 seconds)

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 1

pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. • http://securitytracker.com/id?1002732 http://securitytracker.com/id?1004035 http://sunsolve.sun.com/search/document.do?assetkey=1-26-43929-1 http://www.securityfocus.com/bid/3522 •

CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 5

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. • https://www.exploit-db.com/exploits/1167 https://www.exploit-db.com/exploits/9921 https://www.exploit-db.com/exploits/16322 https://www.exploit-db.com/exploits/21097 http://marc.info/?l=bugtraq&m=99929694701826&w=2 http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-08/0490.html http://www.osvdb.org/15131 http://www.securityfocus.com/bid/3274 https://exchange.xforce.ibmcloud.co • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 4

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. • https://www.exploit-db.com/exploits/20970 https://www.exploit-db.com/exploits/20969 http://seclists.org/bugtraq/2001/Jul/0077.html http://seclists.org/bugtraq/2001/Jul/0091.html http://seclists.org/bugtraq/2001/Jun/0365.html http://www.securiteam.com/unixfocus/5IP0O2A4KS.html http://www.securityfocus.com/bid/2931 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 97%CPEs: 43EXPL: 9

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 https://www.exploit-db.com/exploits/346 https://www.exploit-db.com/exploits/716 https://www.exploit-db.com/exploits/57 https://www.exploit-db.com/exploits/9917 https://www.exploit-db.com/exploits/16327 https://www.exploit-db.com/exploits/10036 https://www.exploit-db.com/exploits/21179 ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/ •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2

Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. • https://www.exploit-db.com/exploits/21058 https://www.exploit-db.com/exploits/21059 http://marc.info/?l=bugtraq&m=99745571104126&w=2 http://www.securityfocus.com/bid/3160 https://exchange.xforce.ibmcloud.com/vulnerabilities/6967 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A131 •