CVE-2010-1183

This exploit leverages a symbolic-link attack in Sun Connection Update Manager for Solaris to overwrite arbitrary files, leading to privilege escalation. It compiles a setuid root shell and waits for the vulnerable process to execute it during patching.

This exploit leverages a local privilege escalation vulnerability in Solaris Recommended Patch Cluster 6/19 on x86 systems. It abuses a script execution flaw in the patch installation process to execute arbitrary commands as root by writing to /tmp/diskette_rc.d/rcs9.sh.

This exploit targets a race condition in Solaris 10 Patch 137097-01 by symlinking a predictable file path to /etc/passwd, allowing local privilege escalation. The script monitors for the 'inetd-upgrade' process and creates a symlink to overwrite the passwd file.