|
SECURITY INFORMATION
For the latest information about security issues, see the
Security Sun Alert collection.
Security Bulletin Archive.... (all columns are sortable)
|
Bulletin |
Date |
Topic |
Cross-Ref |
|
00220
|
2002, November 19
|
Double Free bug in zlib compression library
|
|
|
00219
|
2002, June 04
|
SEA SNMP
|
|
|
00218
|
2002, March 18
|
Bytecode Verifier
|
|
|
00217
|
2002, March 18
|
Java(TM) Web Start
|
|
|
00216
|
2002, March 04
|
HttpURLConnection
|
|
|
00215
|
2002, February 12
|
snmpdx
|
|
|
00214
|
2002, January 08
|
dtspcd
|
|
|
00213
|
2001, December 14
|
login
|
|
|
00212
|
2001, November 13
|
rpc.ttdbserverd
|
|
|
00211
|
2001, October 23
|
xntpd
|
|
|
00210
|
2001, October 23
|
ufsrestore
|
|
|
00209
|
2001, October 22
|
rpc.yppasswdd
|
|
|
00208
|
2001, October 22
|
Swing
|
|
|
00207
|
2001, August 30
|
snmpXdmid
|
|
|
00206
|
2001, August 30
|
in.lpd
|
|
|
00205
|
2001, August 02
|
in.ftpd
|
|
|
00204
|
2001, June 26
|
BIND
|
|
|
00203
|
2001, June 21
|
ypbind
|
|
|
00202
|
2001, May 15
|
i386 syscalls
|
|
|
00201
|
2001, February 21
|
Java Runtime Environment unauthorized command execution
|
|
|
00200
|
2001, January 12
|
arp
|
|
|
00199
|
2000, November 29
|
Potential security issue in class loading
|
|
|
00198
|
2000, October 24
|
Browser Certificates
|
|
|
00197
|
2000, August 23
|
Java Web Server
|
|
|
00196
|
2000, August 07
|
AnswerBook2
|
|
|
00195
|
2000, August 02
|
lp
|
|
|
00194
|
2000, March 29
|
BIND
|
|
|
00193
|
2000, January 05
|
Distributed Denial-of-Service Tools
|
|
|
00192
|
1999, December 29
|
CDE and OpenWindows
|
|
|
00191
|
1999, December 29
|
sadmind
|
|
|
00190
|
1999, December 09
|
snoop
|
|
|
00189
|
1999, Setember 08
|
LC_MESSAGES
|
|
|
00188
|
1999, August 25
|
rpc.cmsd
|
|
|
00187
|
1999, June 07
|
Version 8.8.8 Sendmail for SunOS(tm) 5.6 and 5.5.1
|
|
|
00186
|
1999, June 07
|
rpc.statd
|
|
|
00185
|
1999, February 10
|
Common Desktop Environment (CDE)
|
|
|
00184
|
1999, February 10
|
man/catman
|
|
|
00183
|
1999, February 10
|
sdtcm_convert
|
|
|
00182
|
1998, December 17
|
passwd
|
|
|
00181
|
1998, December 17
|
dtmail
|
|
|
00180
|
1998, December 17
|
BIND
|
|
|
00179
|
1998, November 18
|
rdist
|
|
|
00178
|
1998, November 09
|
SNMP
|
|
|
00177
|
1998, October 21
|
IMAP
|
|
|
00176
|
1998, Setember 30
|
ftp
|
|
|
00175
|
1998, Setember 09
|
mailtool
|
|
|
00174
|
1998, Setember 09
|
ping
|
|
|
00173
|
1998, July 15
|
SUNWadmap
|
|
|
00172
|
1998, July 15
|
libnsl
|
|
|
00171
|
1998, June 10
|
ftpd
|
|
|
00170
|
1998, June 10
|
rpc.nisd
|
|
|
00169
|
1998, April 29
|
ufsrestore
|
|
|
00168
|
1998, April 29
|
mountd
|
|
|
00167
|
1998, April 08
|
rpcbind
|
|
|
00166
|
1998, March 11
|
rpc.cmsd
|
|
|
00165
|
1998, March 11
|
ndd
|
|
|
00164
|
1998, March 04
|
dtaction
|
|
|
00163
|
1998, March 04
|
vacation
|
|
|
00162
|
1998, February 10
|
volrmmount
|
|
|
00161
|
1997, December 18
|
Intel Pentium processor invalid instruction erratum
|
|
|
00160
|
1997, December 03
|
at
|
|
|
00159
|
1997, December 03
|
V8 Sendmail for SunOS(tm) 4.1.4 and 4.1.3_U1
|
|
|
00158
|
1997, October 28
|
rlogin
|
|
|
00157
|
1997, October 28
|
sysdef
|
|
|
00156
|
1997, October 28
|
ftpd/rlogind
|
|
|
00155
|
1997, October 28
|
nis_cachemgr
|
|
|
00154
|
1997, September 17
|
libX11
|
|
|
00153
|
1997, August 25
|
Vulnerabilities in libXt
|
|
|
00152
|
1997, August 25
|
Vulnerability in ifconfig ioctls
|
|
|
00151
|
1997, August 20
|
Vulnerability in automounter
|
|
|
00150
|
1997, August 12
|
Vulnerability in xlock
|
|
|
00149
|
1997, August 12
|
Vulnerability in ps
|
|
|
00148
|
1997, July 30
|
Vulnerability in NIS+
|
|
|
00147
|
1997, July 24
|
Vulnerability in talkd
|
|
|
00146
|
1997, July 15
|
Vulnerability in ping
|
|
|
00145
|
1997, June 25
|
Vulnerabilities with Solaris Solstice AdminSuite
|
|
|
00144
|
1997, June 24
|
Vulnerability in chkey
|
|
|
00143
|
1997, June 24
|
Vulnerability in eeprom
|
|
|
00142
|
1997, June 04
|
Vulnerability in rpcbind
|
|
|
00141
|
1997, June 04
|
Vulnerability in getopt(3)
|
|
|
00140
|
1997, May 14
|
Vulnerability in ffbconfig
|
|
|
00139
|
1997, April 29
|
Vulnerability with the pluggable authentication module (PAM)
|
|
|
00138
|
1997, April 17
|
Vulnerability with the volume management library, libvolmgt.so.1
|
|
|
00137a
|
1996, December 11
|
Vulnerability with libc and libnsl libraries
|
|
|
00136
|
1996, October 09
|
Protection from the TCP-based "SYN flood" denial-of-service attack
|
|
|
00135
|
1996, May 21
|
Vulnerability with the statd program
|
|
|
00134
|
1996, March 29
|
Release of the Java Developer's Kit, version 1.0.1
|
|
|
00133
|
1996, March 08
|
Vulnerability with sendmail and BIND/DNS
|
|
|
00132
|
1995, February 28
|
Vulnerability with interrupting installation script on demo CDs
|
|
|
00131
|
1995, September 14
|
Vulnerability with "ps_data"
|
|
|
00130a
|
1995, April 05
|
"SATAN" impact and new security patches
|
|
|
00129
|
1995, February 22
|
New security patches
|
|
|
00128
|
1994, July 20
|
New security patches
|
|
|
00127a
|
1994, May 05
|
Vulnerability with Solaris 2.3 automountd
|
|
|
00126
|
1994, March 21
|
New security patches for SunOS 4.1.x
|
|
|
00125
|
1993, December 23
|
endmail security patch
|
|
|
00124
|
1993, December 15
|
New security patches for loadmodule and modload
|
|
|
00123
|
1993, October 21
|
Sendmail update
|
|
|
00122
|
1993, October 21
|
New security patches for tar and sendmail
|
|
|
00121
|
1993, June 29
|
New patches
|
|
|
00120
|
1993, June 10
|
Vulnerability with expreserve utility
|
|
|
00119
|
1993, March 15
|
New and upgraded patches
|
|
|
00118
|
1992, November 11
|
New and upgraded patches
|
|
|
00117
|
1992, July 16
|
New and upgraded patches
|
|
|
00116
|
1992, May 26
|
New and upgraded patches
|
|
|
00115
|
1992, April 17
|
New and upgraded patches
|
|
|
00114
|
1991, May 30
|
Vulnerability with setuid program (loadmodule(8))
|
|
|
00113
|
1991, May 30
|
rdist can be used to create a setuid root shell
|
|
|
00112
|
1991, May 30
|
Vulnerability with fsirand (random number generator) program
|
|
|
00110
|
1991, May 30
|
Vulnerability with the rdist(1) command
|
|
|
00109
|
1991, May 30
|
Vulnerability with the integer division
|
|
|
00108
|
1991, May 30
|
lpd can be used to delete any file on the system
|
|
|
00107
|
1991, May 21
|
Security hole created by installing sunsrc
|
|
|
00106
|
1991, March 21
|
After telnet session aborts, new session gets previous output
|
|
|
00105
|
1990, January 15
|
Program "mail" problem in delivering mail
|
|
|
00102
|
1991, January 15
|
rpc.pwdauthd can be used to gain remote system knowledge
|
|
|
00101
|
1990, September 05
|
selection_svc and rpc can be used to gain access to system files
|
|
|
Login Required
You must login and have a valid contract to access Sun's Premium content which includes:
- Sun Alerts
- Bugs
- Patches
- Solutions
- White Papers
- Documentation
- Support Knowledge
Login Required
You must login and have a valid contract to access Sun's contracted features
|
Access Legend:
 Sun Contracted Content
 Sun Contracted Feature
|
Please make use of SunSolve Feedback application by selecting the floating [+] to provide feedback about this specific document.
|
