Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1071Solaris vulnerability

4 documents4 sources
Severity
2.1LOWNVD
EPSS
0.3%
top 44.75%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
SUN SolarisSUN Sunos
Timeline
PublishedJan 3
Latest updateApr 29

Description

rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDsun/solaris5 versions+4
NVDsun/sunos5.5.1, 5.7, 5.8+2

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-qjwp-x435-mm74: rpc2022-04-29
CVEList
CVE-2003-1071: rpc2005-02-08

💥Exploits & PoCs

1
Exploit-DB
Sun Solaris 2.5.1/2.6/7.0/8/9 Wall - Spoofed Message Origin2003-01-03
CVE-2003-1071 — SUN Solaris vulnerability | cvebase