CVE-2007-2617 Information

Description

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files which allows local users to read the first line of arbitrary files via the -d and -v options.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=531 http://osvdb.org/35940 http://secunia.com/advisories/25194 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102891-1 http://www.securityfocus.com/bid/23915 http://www.securitytracker.com/id?1018046 http://www.vupen.com/english/advisories/2007/1769 https://exchange.xforce.ibmcloud.com/vulnerabilities/34223 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1920