Description
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Lluis Mora · textremotesolaris
https://www.exploit-db.com/exploits/20146
References (5)
Core 5
Core References
Various Sources x_refsource_misc
http://www.s21sec.com/en/avisos/s21sec-004-en.txt
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/5058.php
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1556
Patch, Vendor Advisory vendor-advisory
x_refsource_sun
http://archives.neohapsis.com/archives/sun/2000-q3/0001.html
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2000/Aug/0105.html
Scores
EPSS
0.0709
EPSS Percentile
91.6%
Details
Status
published
Products (4)
sun/solaris_answerbook2
1.3
sun/solaris_answerbook2
1.4
sun/solaris_answerbook2
1.4.1
sun/solaris_answerbook2
1.4.2
Published
Oct 20, 2000
Tracked Since
Feb 18, 2026