## https://sploitus.com/exploit?id=SAINT:602E7B75D152A03298E979D20B4F9D15
Added: 01/08/2021
### Background
[SunSSH](<https://docs.oracle.com/cd/E53394_01/html/E54793/sshuser-6.html>) is a fork of [OpenSSH](<https://www.openssh.com/>) for Solaris. It provides remote login capability on Solaris platforms.
### Problem
A buffer overflow vulnerability in `libpam` could allow a remote attacker to execute arbitrary commands by sending a specially crafted authentication request to SunSSH.
### Resolution
Apply the patch referenced in [Patch Availability Document 2711819](<https://support.oracle.com/rs?type=doc&id=2711819.1>).
### References
<https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixSUNS>
<https://www.exploit-db.com/exploits/49261>
### Limitations
The exploit has been tested on Solaris 11.0. The libssh2 library must be installed on the scanning system.
### Platforms
Solaris