mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-13 03:02:49 +00:00
736 B
736 B
CVE-2011-0412
Description
Oracle Solaris 8, 9, and 10 stores back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
POC
Reference
Github
No PoCs found on GitHub currently.