CVE-2002-1361

Sun Cobalt RaQ 4 - Remote Code Execution via overflow.cgi Email Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1361. PoCs published by grazer.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in the RaQ4 Security Hardening Package (SHP) via a malicious email parameter in the web administration interface. It sends crafted HTTP requests to execute arbitrary commands on the server.

Description

overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by grazer · cremotelinux

https://www.exploit-db.com/exploits/22072

View Code ZIP pw:eip

This exploit targets a command injection vulnerability in the RaQ4 Security Hardening Package (SHP) via a malicious email parameter in the web administration interface. It sends crafted HTTP requests to execute arbitrary commands on the server.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Sun Microsystems RaQ4 with Security Hardening Package (SHP)

No auth needed

Prerequisites: Target must have RaQ4 with SHP installed · Port 81 or 444 must be accessible

MITRE ATT&CK