CVE-2010-2383

Oracle Solaris <10 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2383. PoCs published by Frank Stuart.

AI-analyzed exploit summary This exploit demonstrates an insecure temporary file creation vulnerability in Oracle Solaris. By creating a symbolic link from /tmp/.nfslogd.pid to /etc/oops, an attacker can overwrite arbitrary files with root privileges when the nfslogd service is executed.

Description

Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Frank Stuart · textlocalsolaris

https://www.exploit-db.com/exploits/34313

View Code ZIP pw:eip

This exploit demonstrates an insecure temporary file creation vulnerability in Oracle Solaris. By creating a symbolic link from /tmp/.nfslogd.pid to /etc/oops, an attacker can overwrite arbitrary files with root privileges when the nfslogd service is executed.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Oracle Solaris 8, 9, 10, OpenSolaris

No auth needed

Prerequisites: Local access to the target system · Ability to create symbolic links in /tmp

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

Scores

EPSS 0.0068

EPSS Percentile 47.9%

Details

Status published

Products (4)

oracle/opensolaris

oracle/solaris 8

oracle/solaris 9

oracle/solaris 10

Published Jul 13, 2010

Tracked Since Feb 18, 2026