1. Forum
  2. Usenet
  3. COMP.UNIX.SOLARIS

  • Exploits so far for Solaris OS :P:D

    From Large Hadron Collider@21:1/5 to danix on Mon Nov 25 00:24:17 2019
    On 19-01-06 20 h 28, danix wrote:
    https://www.exploit-db.com/?platform=solaris

    and

    https://cxsecurity.com/search/wlb/DESC/AND/2019.1.6.1999.1.1/0/10/solaris/

    Be safe with your OS , use open source , there are so many nice distros around:

    https://distrowatch.com/

    I would advice OpenBSD which is in fact the safest and you can use Libreoffice , IDE like Intellij or netbeans (Eclipse not supported) and
    many other ports from people from freebsd :P:D


    danix@post.com


    example:
    Med.

    Solaris RSH Stack Clash Privilege Escalation (Metasploit)

    22.10.2018

    Metasploit
    Med.

    Solaris RSH Stack Clash Privilege Escalation

    16.10.2018

    Brendan Coles
    Med.

    Oracle Solaris Bind/Postinstall script for Bind package local root

    05.10.2018

    Larry W. Cashdollar
    Med.

    Solaris 2.7/2.8 catman Temp File Vulnerability

    27.09.2018

    Larry W. Cashdollar
    Med.

    Solaris EXTREMEPARR dtappgather Privilege Escalation

    25.09.2018

    Brendan Coles
    Med.

    Solaris libnspr NSPR_LOG_FILE Privilege Escalation

    18.09.2018

    Marco Ivaldi
    High

    Sun Solaris 11.3 AVS Local Kernel Root

    03.08.2018

    mu-b
    Med.

    Oracle Solaris 11.1 / 11.3 RSH Local Root Stack Clash Exploit

    29.06.2017

    Qualys
    Med.

    Solaris x86 / SPARC EXTREMEPARR dtappgather Privilege Escalation

    13.04.2017

    Hacker Fantastic
    High

    Solaris Recommended Patch Cluster 6/19 local root on x86

    16.12.2013

    Larry W. Cashdollar
    Med.

    Solaris Recommended Patch Cluster 6/19 Local Root

    09.07.2013

    Larry W. Cashdollar
    Med.

    Solaris 10 patch cluster File clobbering vulnerability

    19.06.2013

    Larry W. Cashdollar
    Med.

    Solaris 10 Patch Cluster Symlink Attack

    09.08.2012

    Larry W. Cashdollar
    Med.

    Oracle Solaris CVE-2010-3503 \'su\' Local Solaris Vulnerability

    15.10.2010

    prdelka
    Med.

    Solaris flar an unsafe use of temporary files

    23.07.2010

    null
    High

    Sun Solaris 10 libc/*convert (*cvt) buffer overflow

    23.05.2010

    Maksymilian Arciemowic...
    Med.

    Sun Solaris 10 filesystem rm, find, etc denial of service

    23.05.2010

    Maksymilian Arciemowic...
    Low

    Sun Solaris 10 ftpd cross site request forgery

    23.05.2010

    Maksymilian Arciemowic...
    Med.

    Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service

    21.05.2010

    Maksymilian Arciemowic...
    Med.

    Solaris Update manager and Sun Patch Cluster - Symlink attack

    01.04.2010

    DHS
    Med.

    Symlink attack with Solaris Update manager and Sun Patch Cluster

    26.03.2010

    Larry W. Cashdollar
    High

    HP Operations Agent 8.53 (solaris 10) Remote Unauthorized Access

    11.02.2010

    HP
    High

    Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Deref

    06.02.2010

    Tobias Klein
    High

    Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Dereference

    03.02.2010

    Tobias Klein
    Med.

    Sun Solaris \"sadmind\" Integer Overflow Vuln

    26.05.2009

    Secunia Research
    High

    Sun Solaris \"sadmind\" Buffer Overflow Vuln

    26.05.2009

    Secunia Research
    Low

    HP Select Access Running on HP-UX, Linux, Solaris

    04.02.2009

    security-alert
    High

    Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer dereference

    25.12.2008

    Tobias Klein
    High

    Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit

    22.10.2008

    Federico L. Bossi Boni...
    Med.

    Sun Solaris 7 through 9 finger bug

    This is so offtopic as to border on the delusional. I'm not saying it's factually wrong, but this is not the forum to be reporting that kind of
    thing, especially with that framing. Also, Solaris administrators who
    want something open source will be best served by getting on illumos, a
    mirror that continues to be open-source of the Open-Solaris gate (from
    before the OpenSolaris project concluded; some time after Nevada was
    started - so now there are two Nevada Solarises in the world) that has
    still not "fully freed itself" (quote from some scripts in the OS/Net
    build tooling).

    For what it's worth, I am posting this message from a FreeBSD machine,
    an open-source Berkeley software distribution of UNIX which has
    incorporated some enhancements from illumos like ZFS and D-Trace (and I
    hope to be the reason, through my own blood, sweat, and tears, it also incorporates the concept of process contracts).

    --
    Wanna make a Tory angry? Tell him the truth.

    Wanna make an American conservative angry? Tell him something
    truthy, be it true or not. Those guys LIVE ON LIES.

    Wanna make a liberal angry... correction, sad? Tell 'em you
    believe Conservative bullshit.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)