CVE-2007-3880 Information

Description

Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4 as distributed in the SRS Proxy Core (SUNWsrspx) package allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610 http://osvdb.org/40836 http://secunia.com/advisories/27512 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1 http://www.securityfocus.com/bid/26313 http://www.securitytracker.com/id?1018893 http://www.vupen.com/english/advisories/2007/3711