Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2071Solaris vulnerability

CWE-2644 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.2%
top 55.33%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SUN Solaris
Timeline
PublishedJun 29
Latest updateMay 1

Description

traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot).

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDsun/solaris10.0

🔴Vulnerability Details

2
GHSA
GHSA-9hrp-p3jf-w6mv: traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of2022-05-01
CVEList
CVE-2005-2071: traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of2005-06-29

💥Exploits & PoCs

1
Exploit-DB
Sun Solaris 10 Traceroute - Multiple Local Buffer Overflow Vulnerabilities2005-06-24
CVE-2005-2071 — SUN Solaris vulnerability | cvebase