Computer Security

Search:Software:Solaris 10
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



See also
  SUN : Solaris 11
  NVIDIA : NVIDIA Driver For Solaris 1.0
  SUN : Solaris 9
  SUN : Solaris 5.8
  SUN : Solaris 2.4
  SUN : Solaris 2.5
  SUN : Solaris 7
  SUN : Solaris 8
  SUN : Solaris 2.8
  SUN : Solaris 2.6
Name:SUN : Solaris 10

 Sun Solaris snoop format string vulnerability
document Format string vulnerability on SMB traffic parsing.
6!Sun Solaris rpc.ypupdated code execution
document Insufficient RPC requests filtering.
7!Sun Solaris ICMP DoS
updated since 01.02.2007
document Malformed ICMP packets cause system to crash.
 Sun Solaris SRS Proxy Core
document srsexec syslog() call format string vulnerability.
 Sun Solaris srsexec unauthorized files accesss
document By using combination of -d and -v command line options it's possible to read first line of any file.
 Sun Solaris facl() DoS
document Integer overflow on ACE_SETACL processing.
6!Sun Solaris fragmented IP packets DoS
   
10!Sun Solaris unauthorized access
updated since 11.02.2007
document User's pasword is not checked in telnet session if F flag is set. On older versions defining TTYPROMPT variable allows unauthorized access with bin group privileges. Vulnerability is used by internet worm.
6!Sun Solaris TCP packets processing race conditions
document DoS against system is possible.
 Sun Solaris Loopback Filesystem protection bypass
document Users can rename and delete files in read-only file system.
 Sun Solaris tip privilege escalation
document Privilege escalation to 'uucp' user.
6!Multiple Sun Solaris vulnerabilities
document Buffer overflow in ld.so doprf(), directory traversal on parsing different environment variables in ld.so.
 Sun Solaris NSPR library privilege escalation
document Environment variable is used for log filename.
 Sun Solaris IPv6 DoS
   
 UnixWare / Solaris X11R6 buffer overflow
updated since 08.09.2006
document Buffer overflow in XKEYBOARD extension.
 Sun Solaris pkgadd weak permissions
document 755 or 777 access mode is set if "mode" field of package contains any ?.
6!Multiple Sun Solaris security vulnerabilities
document Privilege escalation with Role-Based Access Control, privilege escalation with 'format' if granted "File System Management" or similar role.
 Solaris race conditions
document Race condition on netstat or SNMP query during ifconfig causes DoS.
 Sun Solaris DoS
document System panic in drain_squeue() on large number of TCP connections.
6!Sun Solaris information leak
document sysinfo() function leaks kernel memory content.
 SunSolaris libike IKE library DoS
   
 Sun Solaris libpkcs11 library privilege escalation
document Privilege escalation with getpwnam() functions family.
 Sun Solaris GSFS file system privilege escalation
   
 Sun Solaris in.rexecd privilege escalation
   
 Multiple Sun Solaris vulnerabilities
document Different bugs lead to system crash and privilege escalation.
6!Multiple OSs, routers and firewalls IPSec ISAKMP IKE DoS
updated since 14.11.2005
document Multiple vulnerabilities detected with PROTOS IPSec security scanner.
6!Sun Solaris traceroute buffer overflow
updated since 25.06.2005
document Buffer overflow on large number of -g arguments, on malformed -s argument allow raw socket access.
 Sun Solaris SCTP socket option DoS
   
 Multiple Sun Solaris vulnerabilities
document File system privilege management feature panic. procfs protected file names information leak.
 Sun Solaris XSun / Xprt privilege escalation
   
 Sun Solaris tl driver DoS
   
6!ICMP and TCP timestamp attacks to reset TCP connections
updated since 13.04.2005
document By using different ICMP packet types and TCP timestamps values it's possible to cause TCP connection resets or performance decrease.
 Sun Solaris printd print daemon unauthorized files access
document It's possible to remove arbitrary files with printd user's privileges.
9!Sun Solaris LD_AUDIT privilege escalation
updated since 28.06.2005
document LD_AUDIT environment variable allows to attch external dynamic library compiled with ld.so library. In addition, there is buffer overflow while parsing this variable.
8!Multiple MIT krb5 Kerberos 5 vulnerabilities
document krb5_recvauth() double free() problem. Buffer overflow and memory corruption in KDC.
6!Multiple hardware platforms hyper threading technology systems information leak
updated since 13.05.2005
document Unprivileged thread can read data from privileged thread memory from CPU cache memory.
6!Multiple FTP servers path globbing DoS
updated since 16.03.2001
document Command like ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* causes server to hang.
 Sun Solaris libc privilege escalation
   
6!telnet client multiple buffer overflows
updated since 31.03.2005
document env_opt_add(), slc_add_reply() buffer overflows.
7!top formatstring bug
updated since 02.11.2000
document Format string bug allows kmem group privilege escalation.
7!Solaris vfs_getvfssw() call directory traversal
document Vulnerability allow local user to load kernel module.
 DoS через GNU fileutils
   
                    
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru