CVE-2007-3880

Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog.

Weakness

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Affected Software

Name	Vendor	Start Version	End Version
Sunos	Sun	5.8 (including)	5.8 (including)
Sunos	Sun	5.9 (including)	5.9 (including)
Sunos	Sun	5.10 (including)	5.10 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/135.html
https://cwe.mitre.org/data/definitions/67.html

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610
http://osvdb.org/40836
http://secunia.com/advisories/27512
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1
http://www.securityfocus.com/bid/26313
http://www.securitytracker.com/id?1018893
http://www.vupen.com/english/advisories/2007/3711
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610
http://osvdb.org/40836
http://secunia.com/advisories/27512
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1
http://www.securityfocus.com/bid/26313
http://www.securitytracker.com/id?1018893
http://www.vupen.com/english/advisories/2007/3711

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3880
CWE	https://cwe.mitre.org/data/definitions/134.html

Use of Externally-Controlled Format String

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References