2 matches found
CVE-2007-2617
Sun Solaris 10 Net Connect Software Proxy Core srsexec has a local-privilege/file-read flaw: it does not enforce file permissions when opening files in debug (-d) and verbose (-v) modes, allowing a local user to read the first line of arbitrary files. Affected component: srsexec under Sun Remote ...
CVE-2007-3880
CVE-2007-3880 is a format-string vulnerability in the srsexec binary of Sun Remote Services Net Connect (SUNWsrspx), affecting Solaris 8/9/10 via NetConnect 3.2.3/3.2.4. An attacker with local access to a set-UID root srsexec can trigger syslog handling of crafted input containing format specifie...