Oracle Solaris CVE-2017-3623 Remote Code Execution Vulnerability

Oracle Solaris is prone to a remote code execution vulnerability.

The vulnerability can be exploited over the 'Multiple' protocol. The 'Kernel RPC' sub component is affected.

An attacker can exploit this issue to execute arbitrary code within the context of the target server.

Information

Bugtraq ID: 97778
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-3623

Remote: Yes
Local: No
Published: Apr 18 2017 12:00AM
Updated: May 29 2017 01:01PM
Credit: Oracle
Vulnerable: Oracle Solaris 0

Not Vulnerable:

Exploit

Reports indicate that this issue is being exploited in the wild. Please see the references for more information.

References:

Oracle Homepage (Oracle)
Oracle Critical Patch Update Advisory - April 2017 (Oracle)
Oracle patches Solaris 10 hole exploited by NSA spyware tool â?? and 298 other sec (The Register)

Source: www.securityfocus.com

Exploit Collector

Search Exploit