CVE-2007-3717 — Sunos vulnerability

3 documents3 sources

Severity

6.9MEDIUMNVD

CNA4.6

EPSS

0.0%

top 85.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Sunos

Timeline

PublishedJul 12

Latest updateMay 1

Description

rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDsun/sunos5.10, 5.8, 5.9+2

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-wm2m-wxgh-453h: rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by cre↗2022-05-01

▶

CVEList

CVE-2007-3717: rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by cre↗2007-07-12

▶