CVE-2005-4797

Опубликовано: 31 дек. 2005

Источник: nvd

CVSS2: 5

EPSS Высокий

Описание

Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.

Ссылки

http://downloads.securityfocus.com/vulnerabilities/exploits/solaris_lpd_unlink.pm
Exploit
http://secunia.com/advisories/16367
Patch
Vendor Advisory
http://securitytracker.com/id?1014635
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101842-1
Patch
http://www.ciac.org/ciac/bulletins/p-280.shtml
Patch
Vendor Advisory
http://www.osvdb.org/18650
http://www.securityfocus.com/bid/14510
Exploit
Patch
http://www.vupen.com/english/advisories/2005/1342
https://exchange.xforce.ibmcloud.com/vulnerabilities/21773
http://downloads.securityfocus.com/vulnerabilities/exploits/solaris_lpd_unlink.pm
Exploit
http://secunia.com/advisories/16367
Patch
Vendor Advisory
http://securitytracker.com/id?1014635
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101842-1
Patch
http://www.ciac.org/ciac/bulletins/p-280.shtml
Patch
Vendor Advisory
http://www.osvdb.org/18650
http://www.securityfocus.com/bid/14510
Exploit
Patch
http://www.vupen.com/english/advisories/2005/1342
https://exchange.xforce.ibmcloud.com/vulnerabilities/21773

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*

cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*

cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*

cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*

cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*

cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*

cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*

cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*

cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.73269

Высокий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-7cx8-j7qq-8w58

github

почти 4 года назад