CVE-2003-1071 – Sun Solaris 2.5.1/2.6/7.0/8/9 Wall - Spoofed Message Origin
https://notcve.org/view.php?id=CVE-2003-1071
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. • https://www.exploit-db.com/exploits/22120 http://secunia.com/advisories/7825 http://sunsolve.sun.com/search/document.do?assetkey=1-26-51980-1 http://www.kb.cert.org/vuls/id/944241 http://www.securityfocus.com/archive/1/305105 http://www.securityfocus.com/bid/6509 http://www.securitytracker.com/id?1005882 http://www.securitytracker.com/id?1006682 https://exchange.xforce.ibmcloud.com/vulnerabilities/11608 •
CVE-2002-1871
https://notcve.org/view.php?id=CVE-2002-1871
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1 http://www.iss.net/security_center/static/9544.php http://www.securityfocus.com/bid/5208 •
CVE-2002-2203
https://notcve.org/view.php?id=CVE-2002-2203
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45502 http://www.iss.net/security_center/static/9492.php http://www.securityfocus.com/bid/5161 •
CVE-2002-1980
https://notcve.org/view.php?id=CVE-2002-1980
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45707 http://www.iss.net/security_center/static/9545.php http://www.securityfocus.com/bid/5207 •
CVE-2002-1584
https://notcve.org/view.php?id=CVE-2002-1584
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. • ftp://patches.sgi.com/support/free/security/advisories/20030402-01-P http://secunia.com/advisories/7899 http://sunsolve.sun.com/search/document.do?assetkey=1-26-46944-1 http://www.kb.cert.org/vuls/id/518057 http://www.securityfocus.com/bid/6484 http://www.securitytracker.com/id?1005934 https://exchange.xforce.ibmcloud.com/vulnerabilities/10935 •