Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-0403. PoCs published by KimYongJun.
AI-analyzed exploit summary This exploit leverages insufficient file permission checks in JSparm's perfmon utility to overwrite arbitrary files on the system. By specifying a sensitive file (e.g., /.rhosts) as the log file, a local attacker can gain elevated privileges due to the SUID bit and permissive file creation (0666).
Description
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.
Exploits (1)
This exploit leverages insufficient file permission checks in JSparm's perfmon utility to overwrite arbitrary files on the system. By specifying a sensitive file (e.g., /.rhosts) as the log file, a local attacker can gain elevated privileges due to the SUID bit and permissive file creation (0666).