Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0696 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Hp-ux

8 documents5 sources

Severity

10.0CRITICALNVD

EPSS

5.6%

top 9.69%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Hp-ux SUN Solaris SUN Sunos

Timeline

PublishedJul 1

Latest updateApr 30

Description

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDhp/hp-ux10.24, 11.00+1

▶NVDsun/sunos5 versions+4

▶NVDsun/solaris2.5, 2.6+1

🔴Vulnerability Details

GHSA

GHSA-h3qp-3qwx-3x56: Buffer overflow in CDE Calendar Manager Service Daemon (rpc↗2022-04-30

▶

CVEList

CVE-1999-0696: Buffer overflow in CDE Calendar Manager Service Daemon (rpc↗2000-06-02

▶

💥Exploits & PoCs

Exploit-DB

Caldera OpenUnix 8.0/UnixWare 7.1.1 / HP HP-UX 11.0 / Solaris 7.0 / SunOS 4.1.4 - rpc.cmsd Buffer Overflow (1)↗1999-07-13

▶

Exploit-DB

Caldera OpenUnix 8.0/UnixWare 7.1.1 / HP HP-UX 11.0 / Solaris 7.0 / SunOS 4.1.4 - rpc.cmsd Buffer Overflow (2)↗1999-07-13

▶

🔍Detection Rules

Suricata

GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt↗2010-09-23

▶

Suricata

GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt↗2010-09-23

▶

Suricata

GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt↗2010-09-23

▶