Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0436Solaris vulnerability

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
3.9%
top 11.66%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
SUN SolarisSUN Sunos
Timeline
PublishedJul 26
Latest updateApr 30

Description

sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDsun/sunos5.7, 5.8+1
NVDsun/solaris7.0, 8.0+1

🔴Vulnerability Details

2
GHSA
GHSA-6pmq-fxh5-vhg5: sscd_suncourier2022-04-30
CVEList
CVE-2002-0436: sscd_suncourier2002-06-11

💥Exploits & PoCs

1
Exploit-DB
Solaris 7.0/8 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution2002-03-11
CVE-2002-0436 — SUN Solaris vulnerability | cvebase