• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sony SunnComm MediaMax Insecure Directory Permissions Vulnerability

SunnComm MediaMax is prone to an insecure directory permissions vulnerability.

The vulnerability presents itself because the 'SunnComm Shared' directory allows 'Full Control' permissions to 'Everyone'.

This insecure access control list associated with the directory can permit unprivileged attackers to read, modify and delete contents in the directory. Local privilege escalation is also possible.

SunnComm MediaMax 5.0.21.0 is known to be vulnerable to this issue, however, other versions may be affected as well.