Vulnerabilities > CVE-1999-0209 - Unspecified vulnerability in SUN Sunos

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sun
exploit available
metasploit
NVD
Published: 1990-08-14
Updated: 2008-09-09

Summary

The SunView (SunTools) selection_svc facility allows remote users to read files.

Vulnerable Configurations

Part Description Count
OS
Sun
7

Exploit-Db

  • descriptionSun Solaris. CVE-1999-0209. Remote exploit for solaris platform
    idEDB-ID:5366
    last seen2016-01-31
    modified2008-04-04
    published2008-04-04
    reporterI)ruid
    sourcehttps://www.exploit-db.com/download/5366/
    titleSun Solaris <= 10 - rpc.ypupdated Remote Root Exploit meta
  • descriptionSunView selection_svc Vulnerability. CVE-1999-0209. Remote exploit for solaris platform
    idEDB-ID:19040
    last seen2016-02-02
    modified1990-08-14
    published1990-08-14
    reporterPeter Shipley
    sourcehttps://www.exploit-db.com/download/19040/
    titleSunView SunOS <= 4.1.1 selection_svc Vulnerability
  • descriptionSolaris ypupdated Command Execution. CVE-1999-0209. Remote exploit for solaris platform
    idEDB-ID:16326
    last seen2016-02-01
    modified2010-07-25
    published2010-07-25
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16326/
    titleSolaris ypupdated Command Execution

Metasploit

descriptionThis exploit targets a weakness in the way the ypupdated RPC application uses the command shell when handling a MAP UPDATE request. Extra commands may be launched through this command shell, which runs as root on the remote host, by passing commands in the format '|'. Vulnerable systems include Solaris 2.7, 8, 9, and 10, when ypupdated is started with the '-i' command-line option.
idMSF:EXPLOIT/SOLARIS/SUNRPC/YPUPDATED_EXEC
last seen2020-03-13
modified2017-07-24
published2008-04-18
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0209
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/solaris/sunrpc/ypupdated_exec.rb
titleSolaris ypupdated Command Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82327/ypupdated_exec.rb.txt
idPACKETSTORM:82327
last seen2016-12-05
published2009-10-28
reporterI)ruid
sourcehttps://packetstormsecurity.com/files/82327/Solaris-ypupdated-Command-Execution.html
titleSolaris ypupdated Command Execution

References