Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0697. PoCs published by Lluis Mora.
AI-analyzed exploit summary The exploit leverages a command injection vulnerability in Sun AnswerBook2 server version 1.4.2 and prior. By manipulating the log rotation feature, an attacker with administrative access can execute arbitrary commands with 'daemon' privileges.
Description
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.
Exploits (1)
The exploit leverages a command injection vulnerability in Sun AnswerBook2 server version 1.4.2 and prior. By manipulating the log rotation feature, an attacker with administrative access can execute arbitrary commands with 'daemon' privileges.