CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
30.4%
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
Vendor | Product | Version | CPE |
---|---|---|---|
sun | solaris | 10.0 | cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:* |
sun | net_connect_software | 3.2.3 | cpe:2.3:a:sun:net_connect_software:3.2.3:*:*:*:*:*:*:* |
sun | net_connect_software | 3.2.4 | cpe:2.3:a:sun:net_connect_software:3.2.4:*:*:*:*:*:*:* |
labs.idefense.com/intelligence/vulnerabilities/display.php?id=531
osvdb.org/35940
secunia.com/advisories/25194
sunsolve.sun.com/search/document.do?assetkey=1-26-102891-1
www.securityfocus.com/bid/23915
www.securitytracker.com/id?1018046
www.vupen.com/english/advisories/2007/1769
exchange.xforce.ibmcloud.com/vulnerabilities/34223
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1920