Format string

Format string vulnerability in srsexec in Sun Remote Services SRS Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core SUNWsrspx package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog...

iDefense Security Advisory 11.02.07: Sun Microsystems Solaris srsexec Format String Vulnerability

iDefense Security Advisory 11.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 02, 2007 I. BACKGROUND The srsexec utility is part of the SRS Proxy Core package that is available with Solaris 10. This package is used to monitor the performance of clients running Solaris from a...

iDefense Security Advisory 05.10.07: Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability

Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability iDefense Security Advisory 05.10.07 http://labs.idefense.com/intelligence/vulnerabilities/ May 10, 2007 I. BACKGROUND The srsexec utility is part of the SRS Proxy Core package that is available with Solaris 10. It i...

Code injection

srsexec in Sun Remote Services SRS Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options...