module
Solaris srsexec Arbitrary File Reader
| Disclosed |
|---|
| May 7, 2007 |
Disclosed
May 7, 2007
Description
This module exploits a vulnerability in NetCommander 3.2.3 and 3.2.5.
When srsexec is executed in debug (-d) verbose (-v) mode,
the first line of an arbitrary file can be read due to the suid bit set.
The most widely accepted exploitation vector is reading /etc/shadow,
which will reveal root's hash for cracking.
When srsexec is executed in debug (-d) verbose (-v) mode,
the first line of an arbitrary file can be read due to the suid bit set.
The most widely accepted exploitation vector is reading /etc/shadow,
which will reveal root's hash for cracking.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.