CVE-2007-3717 Information

Description

rcp on Sun Solaris 8 9 and 10 before 20070710 does not properly call certain helper applications which allows local users to gain privileges by creating files with certain names possibly containing shell metacharacters or spaces a similar issue to CVE-2006-0225.

Reference

http://osvdb.org/36611 http://secunia.com/advisories/26024 http://secunia.com/advisories/26210 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1 http://support.avaya.com/elmodocs2/security/ASA-2007-319.htm http://www.vupen.com/english/advisories/2007/2494 https://exchange.xforce.ibmcloud.com/vulnerabilities/35334 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1772