CVE-2002-1361

Sun Cobalt RaQ 4 - RCE

Title source: llm

Description

overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by grazer · cremotelinux

https://www.exploit-db.com/exploits/22072

View Code ZIP pw:eip

References (7)

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/n-025.shtml

[Vendor Advisory] http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/49377

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/10776

[Patch, Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2002-35.html

[US Government Resource] http://www.kb.cert.org/vuls/id/810921

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/6326

[Mailing List] http://marc.info/?l=bugtraq&m=103912513522807&w=2

Scores

EPSS 0.2076

EPSS Percentile 95.6%

Details

Status published

Products (1)

sun/cobalt_raq_4

Published Dec 23, 2002

Tracked Since Feb 18, 2026