This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2002-12-11
Product Solaris Last view 2009-08-07
Version 9.0 Type Os
Update *  
Edition x86  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:sun:solaris

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.9 2009-08-07 CVE-2009-2711

XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.

4.9 2009-07-29 CVE-2009-2644

Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."

5 2009-06-11 CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.

10 2009-05-26 CVE-2008-3870

Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.

10 2009-05-26 CVE-2008-3869

Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.

7.2 2008-06-16 CVE-2008-2710

Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison.

7.6 2007-11-29 CVE-2007-6180

Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors.

4.9 2007-10-23 CVE-2007-5632

Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions.

7.8 2007-10-15 CVE-2007-5462

Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.

7.2 2007-10-11 CVE-2007-5365

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

3.5 2007-10-09 CVE-2007-5319

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.

4.9 2007-09-27 CVE-2007-5132

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."

4.9 2007-09-06 CVE-2007-4732

Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.

4.9 2007-08-22 CVE-2007-4495

Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124.

4.9 2007-08-22 CVE-2007-4492

Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123.

4.9 2007-07-30 CVE-2007-4070

Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.

7.2 2007-06-28 CVE-2007-3471

Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.

4.9 2007-06-27 CVE-2007-3458

The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.

6.8 2007-06-19 CVE-2007-3283

GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.

9 2007-06-06 CVE-2007-3094

Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.

10 2007-06-06 CVE-2007-3093

Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.

7.8 2007-06-01 CVE-2007-2989

The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.

5 2007-05-29 CVE-2007-2882

Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.

4.7 2007-05-02 CVE-2007-2465

Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function.

4.7 2006-12-04 CVE-2006-6275

Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.

CWE : Common Weakness Enumeration

%idName
26% (4) CWE-362 Race Condition
13% (2) CWE-264 Permissions, Privileges, and Access Controls
13% (2) CWE-189 Numeric Errors
13% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
13% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
13% (2) CWE-20 Improper Input Validation
6% (1) CWE-200 Information Exposure

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-67 String Format Overflow in syslog()
CAPEC-92 Forced Integer Overflow
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

SAINT Exploits

Description Link
Samba call_trans2open buffer overflow More info here
Solaris loadable kernel module directory traversal More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
60454 dtterm Window Title Escape Sequence Arbitrary Command Execution
60301 Solaris vfs_getvfssw Function Traversal Arbitrary Kernel Module Loading Privi...
60298 Solaris Multiple Patches Basic Security Module (BSM) Auditing Disablement
59830 Solaris utmp_update Function Local Overflow
56854 Solaris XScreenSaver (xscreensaver(1)) PopUp Window Information Disclosure
56607 Solaris Auditing Subsystem Extended File Attributes Race Condition Local DoS
55049 Solaris rpc.nisd(1M) NIS+ Server Unspecified DoS
54668 Solaris sadmind Crafted RPC Request Remote Overflow
54663 Solaris sadmind RPC Request Parameter Decoding Remote Overflow
46193 Solaris Kernel SIOCSIPMSFILTER IOCTL Request IP Multicast Filter Local Privil...
41687 Multiple Vendor dhcpd options.c cons_options Function DHCP Request Remote Ove...
40821 Solaris Remote Procedure Call kernel Module (rpcmod) Unspecified Local Race C...
40814 Solaris RPC Services Library (librpcsvc(3LIB)) Unspecified Packet Handling Re...
38483 Solaris Kernel Statistics Retrieval Unspecified Local DoS
37715 Solaris vuidmice STREAMS Modules Unspecified Local DoS
37712 Solaris Kernel Thread Context Handling Local DoS
37323 Solaris Special File System (SPECFS) strfreectty Function Local DoS
36615 Solaris ata(7D) Disk Driver IOCTLs Local DoS
36612 Solaris Low Bandwidth X Proxy (lbxproxy) Local Privileged File Access
36608 Solaris Common Desktop Environment (CDE) Session Manager dtsession Local Over...
36594 Solaris libsldap Unspecified Local nscd DoS
36591 Solaris Management Console (SMC) WBEM Server Unspecified Remote Code Execution
36590 Solaris Management Console (SMC) WBEM Server Logging Mechanism Unspecified Re...
36586 Solaris GNOME Session xscreensaver Local Session Hijacking
36584 Solaris libike Library in.iked Unspecified Remote DoS

ExploitDB Exploits

id Description
23765 Sun Solaris 8/9 Unspecified Passwd Local Root Compromise Vulnerability
4601 Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit
2360 X11R6 <= 6.4 XKEYBOARD - Local Buffer Overflow Exploit (solaris/sparc)
1182 Solaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc)
715 Solaris 8/9 passwd circ() Local Root Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-10-13 Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-20
File : nvt/gb_solaris_112837_20.nasl
2009-10-13 Name : Solaris Update for rpc.nisd 140918-02
File : nvt/gb_solaris_140918_02.nasl
2009-10-13 Name : Solaris Update for rpc.nisd 140917-02
File : nvt/gb_solaris_140917_02.nasl
2009-10-13 Name : Solaris Update for sadmind 116453-03
File : nvt/gb_solaris_116453_03.nasl
2009-10-13 Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-19
File : nvt/gb_solaris_114265_19.nasl
2009-09-23 Name : Solaris Update for sadmind 116455-02
File : nvt/gb_solaris_116455_02.nasl
2009-09-23 Name : Solaris Update for rpc.nisd 140918-01
File : nvt/gb_solaris_140918_01.nasl
2009-09-23 Name : Solaris Update for sadmind 116454-03
File : nvt/gb_solaris_116454_03.nasl
2009-09-23 Name : Solaris Update for sadmind 116442-02
File : nvt/gb_solaris_116442_02.nasl
2009-06-03 Name : Solaris Update for /usr/lib/utmp_update 113650-02
File : nvt/gb_solaris_113650_02.nasl
2009-06-03 Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-17
File : nvt/gb_solaris_114265_17.nasl
2009-06-03 Name : Solaris Update for uucp 113322-03
File : nvt/gb_solaris_113322_03.nasl
2009-06-03 Name : Solaris Update for dtsession 113241-13
File : nvt/gb_solaris_113241_13.nasl
2009-06-03 Name : Solaris Update for CDE 1.5 113240-13
File : nvt/gb_solaris_113240_13.nasl
2009-06-03 Name : Solaris Update for ufs and fsck 113073-14
File : nvt/gb_solaris_113073_14.nasl
2009-06-03 Name : Solaris Update for /usr/sbin/format 113072-08
File : nvt/gb_solaris_113072_08.nasl
2009-06-03 Name : Solaris Update for /usr/sbin/syslogd 112998-05
File : nvt/gb_solaris_112998_05.nasl
2009-06-03 Name : Solaris Update for krb5 lib 112922-02
File : nvt/gb_solaris_112922_02.nasl
2009-06-03 Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-18
File : nvt/gb_solaris_112837_18.nasl
2009-06-03 Name : Solaris Update for at utility 114135-03
File : nvt/gb_solaris_114135_03.nasl
2009-06-03 Name : Solaris Update for vuidm5p/vuidm4p/vuid3ps2/vuid2ps2 114154-02
File : nvt/gb_solaris_114154_02.nasl
2009-06-03 Name : Solaris Update for CDE 1.5 114219-11
File : nvt/gb_solaris_114219_11.nasl
2009-06-03 Name : Solaris Update for sdtimage 114220-11
File : nvt/gb_solaris_114220_11.nasl
2009-06-03 Name : Solaris Update for uucp 111571-04
File : nvt/gb_solaris_111571_04.nasl
2009-06-03 Name : Solaris Update for format 114423-07
File : nvt/gb_solaris_114423_07.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0012 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0043396
2009-T-0028 Multiple Buffer Overflow Vulnerabilities in Sun Solaris
Severity: Category II - VMSKEY: V0019230

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10 RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2017-08-29 Sun Solaris dhcpd malformed bootp denial of service attempt
RuleID : 43752 - Type : SERVER-OTHER - Revision : 2
2014-01-10 RETR overflow attempt
RuleID : 2392-community - Type : PROTOCOL-FTP - Revision : 22
2014-01-10 RETR overflow attempt
RuleID : 2392 - Type : PROTOCOL-FTP - Revision : 22
2014-01-10 APPE overflow attempt
RuleID : 2391-community - Type : PROTOCOL-FTP - Revision : 17
2014-01-10 APPE overflow attempt
RuleID : 2391 - Type : PROTOCOL-FTP - Revision : 17
2014-01-10 STOU overflow attempt
RuleID : 2390-community - Type : PROTOCOL-FTP - Revision : 12
2014-01-10 STOU overflow attempt
RuleID : 2390 - Type : PROTOCOL-FTP - Revision : 12
2014-01-10 RNTO overflow attempt
RuleID : 2389-community - Type : PROTOCOL-FTP - Revision : 21
2014-01-10 RNTO overflow attempt
RuleID : 2389 - Type : PROTOCOL-FTP - Revision : 21
2014-01-10 Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10 Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10 Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269-community - Type : SERVER-MAIL - Revision : 15
2014-01-10 Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269 - Type : SERVER-MAIL - Revision : 15
2014-01-10 Sendmail MAIL FROM prescan too long addresses overflow
RuleID : 2268-community - Type : SERVER-MAIL - Revision : 16
2014-01-10 Sendmail MAIL FROM prescan too long addresses overflow
RuleID : 2268 - Type : SERVER-MAIL - Revision : 16
2014-01-10 Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267-community - Type : SERVER-MAIL - Revision : 15
2014-01-10 Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267 - Type : SERVER-MAIL - Revision : 15
2014-01-10 Sendmail SOML FROM prescan too long addresses overflow
RuleID : 2266-community - Type : SERVER-MAIL - Revision : 16
2014-01-10 Sendmail SOML FROM prescan too long addresses overflow
RuleID : 2266 - Type : SERVER-MAIL - Revision : 16
2014-01-10 Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265-community - Type : SERVER-MAIL - Revision : 14
2014-01-10 Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265 - Type : SERVER-MAIL - Revision : 14
2014-01-10 Sendmail SAML FROM prescan too long addresses overflow
RuleID : 2264-community - Type : SERVER-MAIL - Revision : 16
2014-01-10 Sendmail SAML FROM prescan too long addresses overflow
RuleID : 2264 - Type : SERVER-MAIL - Revision : 16

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-04-02 Name: The remote host is missing Sun security patch number 119059-46.
File: solaris10_119059_46.nasl - Type: ACT_GATHER_INFO
2015-04-02 Name: The remote host is missing Sun security patch number 119060-45.
File: solaris10_x86_119060_45.nasl - Type: ACT_GATHER_INFO
2014-01-27 Name: The remote host is missing Sun Security Patch number 150863-01
File: solaris8_150863.nasl - Type: ACT_GATHER_INFO
2014-01-27 Name: The remote host is missing Sun Security Patch number 113911-02
File: solaris9_113911.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2003-080.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_f04cc5cb2d0b11d8beaf000a95c4d922.nasl - Type: ACT_GATHER_INFO
2008-01-04 Name: The remote host is missing Sun Security Patch number 128625-11
File: solaris8_x86_128625.nasl - Type: ACT_GATHER_INFO
2008-01-02 Name: The remote host is missing Sun Security Patch number 128624-11
File: solaris8_128624.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-531-1.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-531-2.nasl - Type: ACT_GATHER_INFO
2007-10-25 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2007-0970.nasl - Type: ACT_GATHER_INFO
2007-10-19 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1388.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote host is missing Sun Security Patch number 127548-01
File: solaris8_127548.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote host is missing Sun Security Patch number 127549-01
File: solaris8_x86_127549.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote host is missing Sun Security Patch number 123396-01
File: solaris9_123396.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote host is missing Sun Security Patch number 123397-01
File: solaris9_x86_123397.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35483.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35484.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35485.nasl - Type: ACT_GATHER_INFO
2007-07-02 Name: The remote host is missing Sun Security Patch number 125279-05
File: solaris10_125279.nasl - Type: ACT_GATHER_INFO
2007-07-02 Name: The remote host is missing Sun Security Patch number 125280-05
File: solaris10_x86_125280.nasl - Type: ACT_GATHER_INFO
2007-04-19 Name: The remote host is missing Sun Security Patch number 115298-01
File: solaris8_115298.nasl - Type: ACT_GATHER_INFO
2007-04-19 Name: The remote host is missing Sun Security Patch number 115299-01
File: solaris8_x86_115299.nasl - Type: ACT_GATHER_INFO
2007-03-18 Name: The remote host is missing Sun Security Patch number 122300-61
File: solaris9_122300.nasl - Type: ACT_GATHER_INFO
2007-03-18 Name: The remote host is missing Sun Security Patch number 122301-61
File: solaris9_x86_122301.nasl - Type: ACT_GATHER_INFO