Vulnerabilities for Cluster (...) - CXSECURITY.COM

Vulnerabilities for 'Cluster'

2009-09-28

CVE-2009-3433

CWE-noinfo

Unspecified vulnerability in clsetup in the configuration utility in Sun Solaris Cluster 3.2 allows local users to gain privileges via unknown vectors.

2008-06-03

CVE-2008-2539

CWE-264

The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or corrupt files in global filesystems, via unspecified vectors.

2007-04-25

CVE-2007-2267

Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 before 20070424 allows remote authenticated users, operating from a different cluster node, to cause a denial of service (data corruption or send_mondo panic) via unspecified vectors, as demonstrated by EMC Symcli backup software 6.2.1.

2006-04-04

CVE-2006-1601

Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors.

2010-02-08

CVE-2003-1588

Sun Cluster 2.2, when HA-Oracle or HA-Sybase DBMS services are used, stores database credentials in cleartext in a cluster configuration file, which allows local users to obtain sensitive information by reading this file.

2003-12-31

CVE-2003-1563

CWE-Other

Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration.

2001-02-12

CVE-2001-0078

in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.

CVE-2001-0077

The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations.

>>> Vendor: SUN 200 Products

Web-based enterprise management

Solstice adminsuite

Netbeans developer

Solstice backup

Solaris isp server

Java system web server

Solaris answerbook2

Hotjava browser

Iplanet certificate management system

Javaserver web dev kit

Iplanet web server

Iplanet directory server

Management+center

One application server

Sun pci ii driver

Sunone starter kit

Ray server software

Solaris pc netlink

Enterprise authentication mechanism

One directory server

Crypto accelerator 4000

Java system calendar server

Java desktop system

Java enterprise system

Java system application server

Enterprise storage manager

Storedge 3310 scsi array

Storedge 3510 fc array

Java system web proxy server

Storedge sam-qfs

Storeedge performance suite

Storeedge utilization suite

Iplanet messaging server

One messaging server

Storedge enterprise backup software

Storedge 6130 arrays

Java system directory proxy server

Java system directory server

One administration server

Java system communications express

Java communications services delegated administrator

Java system access manager

Java studio enterprise

N1 system manager

Storage automated diagnostic environment

Java system content delivery server

Secure global desktop

Java system messaging server

Iplanet messaging server messenger express

Java system messenger express

Chainkey java code protection

Java dynamic management kit

Java web console

See all Products for Vendor SUN

Copyright 2024, cxsecurity.com