Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-0109. PoCs published by Cristian Schipor.
AI-analyzed exploit summary This exploit targets a buffer overflow in the ffbconfig program on Solaris 2.4/2.5 to execute arbitrary shellcode, potentially granting root access. It leverages a stack-based overflow with NOP sleds and a SPARC-specific shellcode payload.
Description
Buffer overflow in ffbconfig in Solaris 2.5.1.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Cristian Schipor · clocalsolaris
https://www.exploit-db.com/exploits/19159
This exploit targets a buffer overflow in the ffbconfig program on Solaris 2.4/2.5 to execute arbitrary shellcode, potentially granting root access. It leverages a stack-based overflow with NOP sleds and a SPARC-specific shellcode payload.
Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target:
SUNWffbcf (ffbconfig) on Solaris 2.4/2.5 SPARC
No auth needed
Prerequisites:
SUNWffbcf package installed · SPARC architecture · Vulnerable Solaris version
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_sun
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/140
Scores
EPSS
0.0080
EPSS Percentile
52.0%
Details
Status
published
Products (4)
sun/solaris
2.5
sun/solaris
2.5.1 (2 CPE variants)
sun/sunos
5.5
sun/sunos
5.5.1
Published
Feb 10, 1997
Tracked Since
Feb 18, 2026