[1/5] Sun Solaris scp Command Line Shell Command Injection
June 11th, 2007 by 
admin [1/5] Sun Solaris scp Command Line Shell Command Injection
:Sun has acknowledged a weakness in Sun Solaris, which can be exploited by malicious, local users to perform certain actions with escalated privileges.For more information:SA18579The weakness is reported in Solaris 9 and 10 for both the SPARC and x86 platforms.Solution:The vendor recommends not using the scp command on untrusted filenames, for example on directories that are writable by untrusted users.Original Advisory:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1Other References:SA18579:http://secunia.com/advisories/18579/
Original post by sonia
[1/5] Sun Solaris scp Command Line Shell Command Injection
Related Articles:
[1/5] Avaya CMS / IR Solaris scp Command Line Shell Command Injection [1/5] Avaya CMS / IR Solaris rcp Command Line Shell Command Injection [3/5] Sun Solaris rpc.ypupdated Arbitrary Command Execution [1/5] Sun Solaris rcp Command Line Shell Command Injection [3/5] McAfee VirusScan Command Line for Linux Command Execution
Posted in Advisories - Exploits | 
| [1/5] Sun Solaris scp Command Line Shell Command Injection