Vulnerability Description
Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Sunos | 5.8 |
| Sun | Net Connect Software | 3.2.3 |
Related Weaknesses (CWE)
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610
- http://osvdb.org/40836
- http://secunia.com/advisories/27512PatchVendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1
- http://www.securityfocus.com/bid/26313Patch
- http://www.securitytracker.com/id?1018893
- http://www.vupen.com/english/advisories/2007/3711
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610
- http://osvdb.org/40836
- http://secunia.com/advisories/27512PatchVendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1
- http://www.securityfocus.com/bid/26313Patch
- http://www.securitytracker.com/id?1018893
FAQ
What is CVE-2007-3880?
CVE-2007-3880 is a vulnerability with a CVSS score of 7.2 (HIGH). Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via for...
How severe is CVE-2007-3880?
CVE-2007-3880 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3880?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Sunos, Sun Net Connect Software.