This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2001-06-18
Product Sunos Last view 2014-07-17
Version 5.9 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:sun:sunos

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4 2014-07-17 CVE-2014-4239

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Common Agent Container (Cacao).
4.9 2014-07-17 CVE-2014-4224

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11.1 allows local users to affect availability via unknown vectors related to sockfs.
4.6 2014-04-15 CVE-2014-0442

Unspecified vulnerability in Oracle Solaris 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Print Filter Utility.
4.9 2014-01-15 CVE-2013-5833

Unspecified vulnerability in Oracle Solaris 8 and 9 allows local users to affect availability via unknown vectors related to Filesystem.
4.6 2014-01-15 CVE-2013-5821

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via vectors related to RPC.
6 2013-07-17 CVE-2013-3786

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
6.4 2013-07-17 CVE-2013-3757

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services.
2.1 2013-07-17 CVE-2013-3745

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.
5 2013-07-17 CVE-2013-0398

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).
3.6 2013-04-17 CVE-2013-0412

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect integrity and availability via unknown vectors related to Utility/pax.
5.9 2013-04-17 CVE-2013-0411

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration.
6.4 2013-04-17 CVE-2013-0405

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity via vectors related to NFS client mounts and IPv6.
1.9 2013-04-17 CVE-2013-0403

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility.
2.1 2013-04-17 CVE-2012-0570

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.
2.1 2013-04-17 CVE-2012-0568

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality via unknown vectors related to Utility/fdformat.
6.6 2013-01-16 CVE-2013-0400

Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Filesystem/cachefs.
6.6 2013-01-16 CVE-2013-0399

Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount.
4.9 2012-10-16 CVE-2012-3207

Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel.
3.6 2012-10-16 CVE-2012-3165

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality and integrity via unknown vectors related to mailx.
4.3 2012-07-17 CVE-2012-3131

Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows remote attackers to affect confidentiality, related to Network/NFS.
7.1 2012-07-17 CVE-2012-3125

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows remote attackers to affect availability, related to TCP/IP.
2.6 2012-07-17 CVE-2012-3122

Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality and integrity via unknown vectors related to sort.
5 2012-07-17 CVE-2012-3121

Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote attackers to affect availability via unknown vectors related to in.tnamed and NameServer.
4.4 2012-07-17 CVE-2012-1750

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to mailx.
2.1 2012-07-17 CVE-2012-0563

Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kerberos/klist.

CWE : Common Weakness Enumeration

%idName
16% (2) CWE-264 Permissions, Privileges, and Access Controls
16% (2) CWE-189 Numeric Errors
16% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
16% (2) CWE-16 Configuration
8% (1) CWE-399 Resource Management Errors
8% (1) CWE-255 Credentials Management
8% (1) CWE-134 Uncontrolled Format String
8% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-96 Block Access to Libraries
CAPEC-147 XML Ping of Death
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78427 Oracle Solaris Kernel Component Unspecified Local DoS (2012-0098)
78425 Oracle Solaris sshd Component Unspecified Remote DoS
78424 Oracle Solaris TCP/IP Component Unspecified Local Issue
78422 Oracle Solaris Network Component Unspecified Remote DoS
78421 Oracle Solaris Kerberos Component Unspecified Local Privilege Escalation
78420 Oracle Solaris TCP/IP Component Unspecified Remote DoS
76467 Oracle Solaris LDAP Library Component Unspecified Remote Issue
73966 Oracle Solaris rksh Unspecified Local Issue
73965 Oracle Solaris Driver/USB Unspecified Local DoS
73963 Oracle Solaris UFS Unspecified Local DoS
73958 Oracle Solaris TCP/IP Unspecified Remote DoS
73955 Oracle Solaris fingerd Unspecified Remote DoS
71943 Oracle Solaris LOFS Unspecified Local DoS
71941 Oracle Solaris uucp Unspecified Local Issue
71939 Oracle Solaris Kernel Unspecified Local Unauthenticated DoS
71938 Oracle Solaris Kernel Unspecified Local Authenticated DoS
71936 Oracle Solaris Administration Utilities Unspecified Local Issue
71935 Oracle Solaris wbem Unspecified Local Information Disclosure
71646 Oracle Solaris Backout File (undo.Z) Permissions Weakness Password Hash Local...
70569 CDE Calendar Manager Service Daemon / RPC Remote Code Execution
70550 Solaris libc Unspecified Local Issue
70532 Solaris XScreenSaver Unspecified Local Issue
68527 NetBSD ftpd / sftpd Server Process GLOB_LIMIT Crafted Command Pattern Remote DoS
60514 Solaris LDAP Client Configuration Cache Daemon (ldap_cachemgr(1M)) Multiple U...
60301 Solaris vfs_getvfssw Function Traversal Arbitrary Kernel Module Loading Privi...

ExploitDB Exploits

id Description
24450 FreeBSD 9.1 ftpd Remote Denial of Service
16137 Multiple Vendor Calendar Manager Remote Code Execution
15215 Multiple Vendors libc/glob(3) Resource Exhaustion (+0day remote ftpd-anon)
5227 Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2501-1 (xen)
File : nvt/deb_2501_1.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl
2012-08-06 Name : Fedora Update for xen FEDORA-2012-11190
File : nvt/gb_fedora_2012_11190_xen_fc16.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0721 centos5
File : nvt/gb_CESA-2012_0721_kernel_centos5.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9430
File : nvt/gb_fedora_2012_9430_xen_fc15.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9399
File : nvt/gb_fedora_2012_9399_xen_fc16.nasl
2012-06-15 Name : RedHat Update for kernel RHSA-2012:0721-01
File : nvt/gb_RHSA-2012_0721-01_kernel.nasl
2012-06-13 Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
File : nvt/secpod_ms12-042.nasl
2011-08-19 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)
File : nvt/secpod_macosx_su11-004.nasl
2011-03-24 Name : Mandriva Update for vsftpd MDVSA-2011:049 (vsftpd)
File : nvt/gb_mandriva_MDVSA_2011_049.nasl
2011-02-28 Name : HP-UX Update for CDE Calendar Manager HPSBUX02628
File : nvt/gb_hp_ux_HPSBUX02628.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0107 Multiple Vulnerabilities in Oracle & Sun Systems Products Suite
Severity: Category I - VMSKEY: V0053187
2014-A-0058 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0049579
2014-A-0012 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0043396
2013-A-0194 Multiple Vulnerabilities in Juniper Networks JUNOS
Severity: Category I - VMSKEY: V0040788
2011-B-0026 HP-UX Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0026084
2008-T-0043 Multiple Sun Solaris snoop Vulnerabilities
Severity: Category II - VMSKEY: V0017141
2008-T-0029 Sun Solaris Unspecified Remote Denial of Service Vulnerability
Severity: Category II - VMSKEY: V0016060
2008-T-0022 Sun Solaris TCP Implementation SYN Flood Denial of Service
Severity: Category I - VMSKEY: V0016026
2008-T-0021 Sun Solaris Print Service Unspecified Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0016018

Snort® IPS/IDS

Date Description
2014-01-10 Oracle Solaris LPD overflow attempt
RuleID : 3527 - Type : OS-SOLARIS - Revision : 13
2014-01-10 CDE Calendar Manager service memory corruption attempt
RuleID : 19173 - Type : PROTOCOL-RPC - Revision : 10
2014-01-10 CWD ~<CR><NEWLINE> attempt
RuleID : 1728 - Type : FTP - Revision : 8
2014-01-10 CWD ~ attempt
RuleID : 1672-community - Type : PROTOCOL-FTP - Revision : 22
2014-01-10 CWD ~ attempt
RuleID : 1672 - Type : PROTOCOL-FTP - Revision : 22

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0020.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0021.nasl - Type: ACT_GATHER_INFO
2014-11-26 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2012-0022.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU apr2012.
File: solaris_apr2012_SRU3.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU apr2012.
File: solaris_apr2012_SRU4.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU apr2013.
File: solaris_apr2013_SRU3.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU apr2013.
File: solaris_apr2013_SRU4a.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU apr2013.
File: solaris_apr2013_SRU5.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU apr2014.
File: solaris_apr2014_SRU11_1_17_5_0.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU jan2014.
File: solaris_jan2014_SRU1_4.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU jul2012.
File: solaris_jul2012_SRU7_5.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU jul2012.
File: solaris_jul2012_SRU8_5.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU jul2012.
File: solaris_jul2012_SRU9_5.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU jul2014.
File: solaris_jul2014_SRU11_1_18_5_0.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU jul2014.
File: solaris_jul2014_SRU11_1_19_6_0.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU july2013.
File: solaris_july2013_SRU0.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU july2013.
File: solaris_july2013_SRU5_5.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU july2013.
File: solaris_july2013_SRU6_6.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU oct2012.
File: solaris_oct2012_SRU10_5.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU oct2012.
File: solaris_oct2012_SRU12_4.nasl - Type: ACT_GATHER_INFO
2014-07-26 Name: The remote Solaris system is missing a security patch from CPU oct2012.
File: solaris_oct2012_SRU8_5.nasl - Type: ACT_GATHER_INFO
2014-07-17 Name: The remote host is missing Sun Security Patch number 121972-06
File: solaris8_121972.nasl - Type: ACT_GATHER_INFO
2014-07-17 Name: The remote host is missing Sun Security Patch number 121973-06
File: solaris8_x86_121973.nasl - Type: ACT_GATHER_INFO
2014-07-17 Name: The remote host is missing Sun Security Patch number 118335-10
File: solaris9_118335.nasl - Type: ACT_GATHER_INFO
2014-07-17 Name: The remote host is missing Sun Security Patch number 120463-07
File: solaris9_x86_120463.nasl - Type: ACT_GATHER_INFO