CVE-2007-2617

Published: May 11, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oval:org.mitre.oval:def:1920

vdb-entry

signature

x_refsource_OVAL

35940

vdb-entry

x_refsource_OSVDB

1018046

vdb-entry

x_refsource_SECTRACK

sunsrs-srsexec-information-disclosure(34223)

vdb-entry

x_refsource_XF

25194

third-party-advisory

x_refsource_SECUNIA

102891

vendor-advisory

x_refsource_SUNALERT

23915

vdb-entry

x_refsource_BID

ADV-2007-1769

vdb-entry

x_refsource_VUPEN

20070510 Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability

third-party-advisory

x_refsource_IDEFENSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-2617

Description

Affected Products

References