Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0095 — Sunos vulnerability

7 documents4 sources

Severity

1.2LOWNVD

EPSS

0.3%

top 49.68%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedFeb 12

Latest updateApr 30

Description

catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.

AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9

▶NVDsun/sunos5.7, 5.8+1

GHSA

GHSA-pp2v-6wrc-g8x5: catman in Solaris 2↗2022-04-30

▶

CVEList

CVE-2001-0095: catman in Solaris 2↗2001-09-18

▶

Exploit-DB

SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber↗2000-12-20

▶

Exploit-DB

Solaris 2.7/2.8 Catman - Local Insecure tmp Symlink↗2000-12-19

▶

Exploit-DB

Solaris 2.x/7.0/8 - 'Catman' Race Condition (2)↗2000-11-21

▶

Exploit-DB

Solaris 2.x/7.0/8 - 'Catman' Race Condition (1)↗2000-11-21

▶