CVE-2007-3717

rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*

History

21 Nov 2024, 00:33

Type Values Removed Values Added
References () http://osvdb.org/36611 - () http://osvdb.org/36611 -
References () http://secunia.com/advisories/26024 - Vendor Advisory () http://secunia.com/advisories/26024 - Vendor Advisory
References () http://secunia.com/advisories/26210 - () http://secunia.com/advisories/26210 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1 - Patch () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1 - Patch
References () http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm - () http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm -
References () http://www.vupen.com/english/advisories/2007/2494 - () http://www.vupen.com/english/advisories/2007/2494 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/35334 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/35334 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1772 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1772 -

Information

Published : 2007-07-12 16:30

Updated : 2024-11-21 00:33


NVD link : CVE-2007-3717

Mitre link : CVE-2007-3717

CVE.ORG link : CVE-2007-3717


JSON object : View

Products Affected

sun

  • sunos