Definition

Security Vulnerability in the rcp(1) Command May Allow Execution of Unintended Commands

oval:org.mitre.oval:def:1772

rcp on Sun Solaris 8 9 and 10 before 20070710 does not properly call certain helper applications which allows local users to gain privileges by creating files with certain names possibly containing shell metacharacters or spaces a similar issue to CVE-2006-0225.

Family:

unix

Status:

ACCEPTED

Platform(s):

Sun Solaris 9
Sun Solaris 8
Sun Solaris 10

Class:

vulnerability

Reference(s):

CVE-2007-3717

Product(s):