Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0027 — Path Traversal in Solaris

8 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

65.2%

top 1.51%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SUN Solaris SUN Sunos

Timeline

PublishedFeb 7

Latest updateApr 29

Description

Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDsun/sunos5.5.1, 5.7, 5.8+2

▶NVDsun/solaris5 versions+4

Patches

Patch: www.entercept.com ↗Patch: www.kb.cert.org ↗Patch: www.entercept.com ↗

🔴Vulnerability Details

GHSA

GHSA-8h4x-5hq8-x8hc: Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arb↗2022-04-29

▶

CVEList

CVE-2003-0027: Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arb↗2004-09-01

▶

💥Exploits & PoCs

Exploit-DB

IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)↗2003-05-05

▶

Metasploit

Solaris KCMS + TTDB Arbitrary File Read↗

▶

🔍Detection Rules

Suricata

GPL RPC kcms_server directory traversal attempt↗2010-09-23

▶

Suricata

GPL RPC portmap kcms_server request UDP↗2010-09-23

▶

Suricata

GPL RPC portmap kcms_server request TCP↗2010-09-23

▶