Lucene search
K

6 matches found

Circl
Circl
added 2018/09/21 1:57 a.m.9 views

CVE-2007-2617

creationtimestamp| type| source ---|---|--- 2018-09-21 01:57:20+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/post/solaris/escalate/srsexecreadline.rb 2025-02-06 03:13:38+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:22+00:00| seen|...

2.1CVSS5.6AI score0.03803EPSS
Exploits1References1
Metasploit
Metasploit
added 2018/09/13 6:7 p.m.40 views

Solaris srsexec Arbitrary File Reader

This module exploits a vulnerability in NetCommander 3.2.3 and 3.2.5. When srsexec is executed in debug -d verbose -v mode, the first line of an arbitrary file can be read due to the suid bit set. The most widely accepted exploitation vector is reading /etc/shadow, which will reveal root's hash f...

2.1CVSS6.9AI score0.03803EPSS
Exploits1
NVD
NVD
added 2007/05/11 4:19 p.m.16 views

CVE-2007-2617

srsexec in Sun Remote Services SRS Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options...

2.1CVSS6.3AI score0.03803EPSS
Exploits1References9
Cvelist
Cvelist
added 2007/05/11 4:0 p.m.20 views

CVE-2007-2617

srsexec in Sun Remote Services SRS Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options...

6.3AI score0.03803EPSS
Exploits1References9
CVE
CVE
added 2007/05/11 4:0 p.m.55 views

CVE-2007-2617

Sun Solaris 10 Net Connect Software Proxy Core srsexec has a local-privilege/file-read flaw: it does not enforce file permissions when opening files in debug (-d) and verbose (-v) modes, allowing a local user to read the first line of arbitrary files. Affected component: srsexec under Sun Remote ...

2.1CVSS6.3AI score0.03803EPSS
Exploits1References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2007/05/11 12:0 a.m.24 views

CVE-2007-2617

srsexec in Sun Remote Services SRS Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options. Recent assessments: h00die at March 25, 2020 12:46am UTC...

7.5CVSS6.1AI score0.63824EPSS
Exploits8References10
Rows per page
Query Builder