Computer Security

Search:Software:Solaris 9
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



See also
  ORACLE : Solaris 11
  NVIDIA : NVIDIA Driver For Solaris 1.0
  ORACLE : Solaris 10
  SUN : Solaris 5.8
  SUN : Solaris 2.4
  SUN : Solaris 2.5
  SUN : Solaris 7
  ORACLE : Solaris 8
  SUN : Solaris 2.8
  SUN : Solaris 2.6
  SUN : Solaris 2.7
Name:ORACLE : Solaris 9

9!Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
updated since 25.07.2011
document Quarterly critical patch update closes 78 different vulnerabilities in all major applications.
8!Oracle / Sun applications multiple security vulneraebilities
updated since 15.07.2010
document Quarterly update fixed 59 different vulnerabilities.
7!Sun Solaris sadmind multiple security vulnerabilities
document Integer overflow, buffer overflow.
 Solaris integer overflow
document Integer overflow in SYS_kaio syscall.
6!Sun Solaris Solstice AdminSuite daemon buffer overflow
document Buffer overflow in sadmind adm_build_path() function.
 Sun Solaris snoop format string vulnerability
document Format string vulnerability on SMB traffic parsing.
 Weak initial sequence number generation
updated since 03.05.2001
document Weak initial sequence number generation allows to spoof TCP connection.
 Sun Solaris finger information leak
document Additional accounts unformation is leaked if finger is requested with single digit argument.
6!Sun Solaris fragmented IP packets DoS
   
 Sun Solaris tip privilege escalation
document Privilege escalation to 'uucp' user.
8!Unzuthorized file access via file stdio decriptors in multiple Unix systems
updated since 22.04.2002
document By exhausting all file descriptors and closing stderr it's possible to causesituation called application will open new file with descriptor 2 and all stderr output will be redirected to file. In few systems it's enougth to close standard descriptor.
6!Sun Solaris rpcbind DoS
   
 UnixWare / Solaris X11R6 buffer overflow
updated since 08.09.2006
document Buffer overflow in XKEYBOARD extension.
6!Multiple Sun Solaris security vulnerabilities
document Privilege escalation with Role-Based Access Control, privilege escalation with 'format' if granted "File System Management" or similar role.
6!Solaris FTP server directory traversal
   
 SunSolaris libike IKE library DoS
   
 Sun Solaris LDAP client information leak
document Command parameters, including password are available from tasks list.
 Sun Solaris ps information leak
document ps -e allows to see environment variables for any process.
 Sun Solaris GSFS file system privilege escalation
   
 Multiple Sun Solaris vulnerabilities
document Different bugs lead to system crash and privilege escalation.
6!Multiple OSs, routers and firewalls IPSec ISAKMP IKE DoS
updated since 14.11.2005
document Multiple vulnerabilities detected with PROTOS IPSec security scanner.
 Sun Solaris XSun / Xprt privilege escalation
   
 Sun Solaris UFS file system driver DoS
document It's possible to cause "soft hang" if UFS logging is enabled.
6!ICMP and TCP timestamp attacks to reset TCP connections
updated since 13.04.2005
document By using different ICMP packet types and TCP timestamps values it's possible to cause TCP connection resets or performance decrease.
 Sun Solaris printd print daemon unauthorized files access
document It's possible to remove arbitrary files with printd user's privileges.
9!Sun Solaris LD_AUDIT privilege escalation
updated since 28.06.2005
document LD_AUDIT environment variable allows to attch external dynamic library compiled with ld.so library. In addition, there is buffer overflow while parsing this variable.
8!Multiple MIT krb5 Kerberos 5 vulnerabilities
document krb5_recvauth() double free() problem. Buffer overflow and memory corruption in KDC.
6!Solaris unprivileged port hijacking
updated since 20.04.2005
document It possible to bind a process to a non-privileged network port, which already has been bound
6!Multiple hardware platforms hyper threading technology systems information leak
updated since 13.05.2005
document Unprivileged thread can read data from privileged thread memory from CPU cache memory.
 Multiple Sun Solaris perl modules problems
document Safe.pm protection bypass, CGI.pm crossite scripting.
 Sun Solaris lpadmin symbolic links problem
   
6!Multiple FTP servers path globbing DoS
updated since 16.03.2001
document Command like ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* causes server to hang.
 Sun Solaris automountd DoS
document It's possible to stop automountd by accessing /xfn/_x500.
6!telnet client multiple buffer overflows
updated since 31.03.2005
document env_opt_add(), slc_add_reply() buffer overflows.
6!Solaris GSS API privilege escalation
document Ralative part is used to load library.
 Sun Solaris stfontserverd symboli links problem
   
 Sun Solaris kcms_configure (Kodak Color Management System) symbolic links problem
document Symbolic links problem then accessing current directory KCS_ClogFile file with elevated privileges.
 Sun Solaris FTP server system wide DoS
document By issuing PASV command it's possible to consume all available TCP ports.
 Sun Solaris arp flood DoS
document ARP flood causes system to hang.
 Sun Solaris UDP endpoints DoS
document Heavy UDP usage with large number of open sockets can cause system to panic.
6!Solaris in.rwhod privilege escalation
   
6!Solaris ping buffer overflow
   
 Solaris LDAP_RBAC privilege escalation
   
6!CDE libDtHelp buffer overflow
updated since 05.11.2003
document Buffer overflow on DTHELPUSERSEARCHPATH/LOGNAME variable parsing.
 Solaris dtmail format string bug
document format string bug in argv[0] allows privilege escalation to gid group.
 Sun Management Console information leak
document Because of directory traversal bug it's possible to check any system file existance.
6!Solaris NIS unauthorized passwords access
document After installing 113579-03 patch any user can access secure NIS maps, for example passwd.adjunct.byname.
7!Solaris vfs_getvfssw() call directory traversal
document Vulnerability allow local user to load kernel module.
6!Sun Solaris passwd priviledge escalation
   
7!Sun Solaris Runtime Linker buffer overflow
document Buffer overflow on LD_PRELOAD environment variable parsing.
7!Sun Solaris dtsession buffer overflow
document Heap overflow on HOME environment variable parsing.
10!Buffer overflow in Sun rpc
updated since 31.07.2002
document Buffer overflow in xdr_array primitive
8!Sun Solaris at unauthorized file removing
document Directory traversal in at -r paramter.
6!Sun Solaris Kodak Color Management System directory traversal)
document Directory traversal in KCS_OPEN_PROFILE may be exploited via ToolTalk.
 Solaris wall message spoofing
document It's possible to spoof message from any remote user.
9!Solaris priocntl() privelege escalation
document During external module loaging path is not checked.
 Sun X Window Font Service buffer overflow
   
7!Multiple bugs in CDE ToolTalk
updated since 11.07.2002
document Incomplete input validation in different remote calls.
6!Solaris 9 rcp buffer overflow
document Buffer overflow on long hostname:filename
 DoS через GNU fileutils
   
                    
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server