Vulnerabilities > CVE-1999-0209 - Unspecified vulnerability in SUN Sunos

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
sun
exploit available
metasploit

Summary

The SunView (SunTools) selection_svc facility allows remote users to read files.

Exploit-Db

  • descriptionSun Solaris. CVE-1999-0209. Remote exploit for solaris platform
    idEDB-ID:5366
    last seen2016-01-31
    modified2008-04-04
    published2008-04-04
    reporterI)ruid
    sourcehttps://www.exploit-db.com/download/5366/
    titleSun Solaris <= 10 - rpc.ypupdated Remote Root Exploit meta
  • descriptionSunView selection_svc Vulnerability. CVE-1999-0209. Remote exploit for solaris platform
    idEDB-ID:19040
    last seen2016-02-02
    modified1990-08-14
    published1990-08-14
    reporterPeter Shipley
    sourcehttps://www.exploit-db.com/download/19040/
    titleSunView SunOS <= 4.1.1 selection_svc Vulnerability
  • descriptionSolaris ypupdated Command Execution. CVE-1999-0209. Remote exploit for solaris platform
    idEDB-ID:16326
    last seen2016-02-01
    modified2010-07-25
    published2010-07-25
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16326/
    titleSolaris ypupdated Command Execution

Metasploit

descriptionThis exploit targets a weakness in the way the ypupdated RPC application uses the command shell when handling a MAP UPDATE request. Extra commands may be launched through this command shell, which runs as root on the remote host, by passing commands in the format '|'. Vulnerable systems include Solaris 2.7, 8, 9, and 10, when ypupdated is started with the '-i' command-line option.
idMSF:EXPLOIT/SOLARIS/SUNRPC/YPUPDATED_EXEC
last seen2020-03-13
modified2017-07-24
published2008-04-18
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0209
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/solaris/sunrpc/ypupdated_exec.rb
titleSolaris ypupdated Command Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82327/ypupdated_exec.rb.txt
idPACKETSTORM:82327
last seen2016-12-05
published2009-10-28
reporterI)ruid
sourcehttps://packetstormsecurity.com/files/82327/Solaris-ypupdated-Command-Execution.html
titleSolaris ypupdated Command Execution