CVE-2002-0430

Sun Cobalt RaQ XTR - Auth Bypass

Title source: llm

Description

MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Wouter ter Maat · bashremotephp

https://www.exploit-db.com/exploits/21335

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Wouter ter Maat · perlremotephp

https://www.exploit-db.com/exploits/21334

View Code ZIP pw:eip

References (2)

[Exploit, Vendor Advisory] http://archives.neohapsis.com/archives/bugtraq/2002-03/0081.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4252

Scores

EPSS 0.0017

EPSS Percentile 37.4%

Details

Status published

Products (3)

sun/cobalt_raq_2

sun/cobalt_raq_3i

sun/cobalt_raq_4

Published Aug 12, 2002

Tracked Since Feb 18, 2026