CVE-2005-4797Path Traversal in Solaris

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
73.3%
top 1.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN SolarisSUN Sunos
Timeline
PublishedDec 31
Latest updateMay 1

Description

Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDsun/solaris4 versions+3
NVDsun/sunos5.7, 5.8+1

Patches

Patch: secunia.comPatch: securitytracker.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-7cx8-j7qq-8w58: Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via "2022-05-01
CVEList
CVE-2005-4797: Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via "2006-05-05

💥Exploits & PoCs

1
Metasploit
Solaris LPD Arbitrary File Delete
CVE-2005-4797 — Path Traversal in SUN Solaris | cvebase