Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1587 — Solaris vulnerability

7 documents4 sources

Severity

2.1LOWNVD

EPSS

0.6%

top 29.35%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Tru64 SUN Solaris SUN Sunos

Timeline

PublishedDec 31

Latest updateMay 1

Description

/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶NVDsun/solaris9.0

▶NVDhp/tru645.1

▶NVDsun/sunos5.8

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-ccm4-xqqh-24h9: The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5↗2022-05-01

▶

GHSA

GHSA-vrp4-j3rg-w647: /usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbi↗2022-04-30

▶

CVEList

CVE-2007-0805: The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5↗2007-02-07

▶

CVEList

CVE-1999-1587: /usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbi↗2006-03-29

▶

💥Exploits & PoCs

Exploit-DB

Solaris 8/9 - '/usr/ucb/ps' Local Information Leak↗2006-08-22

▶