SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing...

Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and p...

SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.

Command execution in Sun systems via buffer overflow in the at program.

Buffer overflow in SunOS/Solaris ps command.

In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.

SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.

Buffer overflows in Sun libnsl allow root access.

Buffer overflow in NIS+, in Sun's rpc.nisd program.

Sun's ftpd daemon can be subjected to a denial of service.

cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/...

Solaris SUNWadmap can be exploited to obtain root access.

SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.

Buffer overflow in Sun's ping program can give root access to local users.

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.

Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, w...