Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0786 — Solaris vulnerability

4 documents4 sources

Severity

4.6MEDIUMNVD

EPSS

0.3%

top 43.18%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SUN Solaris SUN Sunos

Timeline

PublishedSep 22

Latest updateApr 30

Description

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDsun/solaris4 versions+3

▶NVDsun/sunos5.4, 5.5, 5.5.1+2

🔴Vulnerability Details

GHSA

GHSA-2whr-5263-qqgc: The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack↗2022-04-30

▶

CVEList

CVE-1999-0786: The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack↗2000-03-22

▶

💥Exploits & PoCs

Exploit-DB

Solaris 2.6 - Profiling File Creation↗1999-09-22

▶