ID CVE-2007-3717
Summary rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2007-08-20T08:04:38.771-04:00
class vulnerability
contributors
name Pai Peng
organization Opsware, Inc.
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
family unix
id oval:org.mitre.oval:def:1772
status accepted
submitted 2007-07-12T12:19:52.000-04:00
title Security Vulnerability in the rcp(1) Command May Allow Execution of Unintended Commands
version 36
refmap via4
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm
osvdb 36611
secunia
  • 26024
  • 26210
sunalert 102978
vupen ADV-2007-2494
xf solaris-rcp-command-execution(35334)
Last major update 30-10-2018 - 16:25
Published 12-07-2007 - 16:30
Last modified 30-10-2018 - 16:25
Back to Top