CVE-2000-0210

Sun Flex License Manager - Local Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0210. PoCs published by sp00n.

AI-analyzed exploit summary The exploit leverages an insecure file creation vulnerability in Sun's WorkShop 5.0 license installation tool 'lit', which creates files in /var/tmp with root ownership. By creating a symbolic link to /.rhosts, an attacker can manipulate file ownership to gain unauthorized access.

Description

The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files.

Exploits (1)

exploitdb WORKING POC VERIFIED
by sp00n · textlocalsolaris
https://www.exploit-db.com/exploits/19757

The exploit leverages an insecure file creation vulnerability in Sun's WorkShop 5.0 license installation tool 'lit', which creates files in /var/tmp with root ownership. By creating a symbolic link to /.rhosts, an attacker can manipulate file ownership to gain unauthorized access.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Sun WorkShop 5.0 and other Sun products using FlexLM
No auth needed
Prerequisites: Access to the target system to create symbolic links in /var/tmp
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/998

Scores

EPSS 0.0056
EPSS Percentile 43.0%

Details

Status published
Products (1)
sun/workshop 5.0
Published Feb 21, 2000
Tracked Since Feb 18, 2026