CVE-1999-0369

Solaris - Buffer Overflow in sdtcm_convert Calendar Utility

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0369. PoCs published by UNYUN.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the setuid-root utility sdtcm_convert on Solaris systems. It overwrites the return address with a crafted payload to execute arbitrary shellcode, leading to privilege escalation.

Description

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

Exploits (1)

exploitdb WORKING POC VERIFIED

by UNYUN · clocalsolaris

https://www.exploit-db.com/exploits/19128

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the setuid-root utility sdtcm_convert on Solaris systems. It overwrites the return address with a crafted payload to execute arbitrary shellcode, leading to privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: sdtcm_convert (Solaris OpenWindows calendar utility)

No auth needed

Prerequisites: Access to a vulnerable Solaris system with sdtcm_convert installed · Ability to execute the compiled exploit binary

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_sun

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/183

Scores

EPSS 0.0078

EPSS Percentile 51.0%

Details

Status published

Products (15)

sun/solaris

sun/solaris 1.1.3 u1

sun/solaris 1.1.4

sun/solaris 2.4

sun/solaris 2.5

sun/sunos

sun/sunos 4.1.3

sun/sunos 4.1.4

sun/sunos 5.0

sun/sunos 5.1

... and 5 more

Published Feb 01, 1997

Tracked Since Feb 18, 2026