CVE-2007-2617
Sun Remote Services Net Connect Software - Unauthenticated Arbitrary File Read via srsexec Options
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-2617. PoCs published by anonymous.
AI-analyzed exploit summary This exploit leverages a design error in Sun Microsystems Solaris to disclose sensitive information, including superuser password hashes from /etc/shadow, by invoking the srsexec binary with specific arguments.
Description
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
Exploits (1)
This exploit leverages a design error in Sun Microsystems Solaris to disclose sensitive information, including superuser password hashes from /etc/shadow, by invoking the srsexec binary with specific arguments.