CVE-2002-0436

sscdd_suncourier.pl - RCE

Title source: llm

Description

sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Fyodor · perlremotecgi

https://www.exploit-db.com/exploits/21340

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://www.securityfocus.com/archive/1/261544

[Vendor Advisory] http://www.securityfocus.com/bid/4269

[Vendor Advisory] http://www.iss.net/security_center/static/8435.php

Scores

EPSS 0.0393

EPSS Percentile 88.4%

Details

Status published

Products (4)

sun/solaris 7.0

sun/solaris 8.0

sun/sunos 5.7

sun/sunos 5.8

Published Jul 26, 2002

Tracked Since Feb 18, 2026