Lucene search

[email protected]CVE-2007-2586

HistoryMay 10, 2007 - 12:19 a.m.

CVE-2007-2586

2007-05-1000:19:00

CWE-863

[email protected]

web.nvd.nist.gov

cisco

ios

ftp server

cve-2007-2586

remote code execution

unauthorized access

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.894 High

EPSS

Percentile

98.8%

JSON

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.

Affected configurations

NVD

Node

ciscoiosMatch12.0\(1\)t

ciscoiosMatch12.0\(1\)t1

ciscoiosMatch12.0\(1\)xe

ciscoiosMatch12.0\(2\)s

ciscoiosMatch12.0\(2\)t

ciscoiosMatch12.0\(2\)t1

ciscoiosMatch12.0\(2\)xe

ciscoiosMatch12.0\(2\)xe1

ciscoiosMatch12.0\(2\)xe3

ciscoiosMatch12.0\(2\)xe4

ciscoiosMatch12.0\(2a\)t1

ciscoiosMatch12.0\(3\)s

ciscoiosMatch12.0\(3\)t

ciscoiosMatch12.0\(3\)t2

ciscoiosMatch12.0\(3\)t3

ciscoiosMatch12.0\(4\)s

ciscoiosMatch12.0\(4\)t

ciscoiosMatch12.0\(4\)xe

ciscoiosMatch12.0\(4\)xe2

ciscoiosMatch12.0\(5\)s

ciscoiosMatch12.0\(5\)t

ciscoiosMatch12.0\(5\)t1

ciscoiosMatch12.0\(5\)xe

ciscoiosMatch12.0\(5\)xe1

ciscoiosMatch12.0\(5\)xe2

ciscoiosMatch12.0\(5\)xe3

ciscoiosMatch12.0\(5\)xe4

ciscoiosMatch12.0\(5\)xe5

ciscoiosMatch12.0\(5\)xe8

ciscoiosMatch12.0\(5\)xk

ciscoiosMatch12.0\(5\)xk1

ciscoiosMatch12.0\(5\)xk2

ciscoiosMatch12.0\(5\)xt1

ciscoiosMatch12.0\(6\)s

ciscoiosMatch12.0\(6\)s1

ciscoiosMatch12.0\(6\)s2

ciscoiosMatch12.0\(7\)s

ciscoiosMatch12.0\(7\)s1

ciscoiosMatch12.0\(7\)t

ciscoiosMatch12.0\(7\)t1

ciscoiosMatch12.0\(7\)t2

ciscoiosMatch12.0\(7\)t3

ciscoiosMatch12.0\(7\)xk

ciscoiosMatch12.0\(7\)xk1

ciscoiosMatch12.0\(7\)xk2

ciscoiosMatch12.0\(7\)xk3

ciscoiosMatch12.0\(8\)s

ciscoiosMatch12.0\(8\)s1

ciscoiosMatch12.0\(9\)s

ciscoiosMatch12.0\(9\)s8

ciscoiosMatch12.0\(9\)st

ciscoiosMatch12.0\(10\)s

ciscoiosMatch12.0\(10\)s1

ciscoiosMatch12.0\(10\)s2

ciscoiosMatch12.0\(10\)s3

ciscoiosMatch12.0\(10\)s3b

ciscoiosMatch12.0\(10\)s4

ciscoiosMatch12.0\(10\)s5

ciscoiosMatch12.0\(10\)s6

ciscoiosMatch12.0\(10\)s7

ciscoiosMatch12.0\(10\)s8

ciscoiosMatch12.0\(10\)st

ciscoiosMatch12.0\(10\)st1

ciscoiosMatch12.0\(10\)st2

ciscoiosMatch12.0\(11\)s

ciscoiosMatch12.0\(11\)s1

ciscoiosMatch12.0\(11\)s2

ciscoiosMatch12.0\(11\)s3

ciscoiosMatch12.0\(11\)s4

ciscoiosMatch12.0\(11\)s5

ciscoiosMatch12.0\(11\)s6

ciscoiosMatch12.0\(11\)st

ciscoiosMatch12.0\(11\)st1

ciscoiosMatch12.0\(11\)st2

ciscoiosMatch12.0\(11\)st3

ciscoiosMatch12.0\(11\)st4

ciscoiosMatch12.0\(28\)s4a

ciscoiosMatch12.0\(31\)sz2

ciscoiosMatch12.1\(3\)xi

ciscoiosMatch12.1\(5\)xm

ciscoiosMatch12.1\(5\)xm1

ciscoiosMatch12.1\(5\)xm2

ciscoiosMatch12.1\(5\)xm3

ciscoiosMatch12.1\(5\)xm4

ciscoiosMatch12.1\(5\)xm5

ciscoiosMatch12.1\(5\)xm7

ciscoiosMatch12.1\(5\)xm8

ciscoiosMatch12.1\(5c\)ex

ciscoiosMatch12.1\(5c\)ex1

ciscoiosMatch12.1\(6\)ex

ciscoiosMatch12.1\(8b\)ex4

ciscoiosMatch12.1\(9\)ex

ciscoiosMatch12.2\(8\)zb

ciscoiosMatch12.2\(9\)yo

ciscoiosMatch12.2\(9\)yo1

ciscoiosMatch12.2\(9\)yo2

ciscoiosMatch12.2\(9\)yo3

ciscoiosMatch12.2\(9\)yo4

ciscoiosMatch12.2\(11\)yz

ciscoiosMatch12.2\(11\)yz1

ciscoiosMatch12.2\(11\)yz2

ciscoiosMatch12.2\(11\)yz3

ciscoiosMatch12.2\(12b\)m1

ciscoiosMatch12.2\(12h\)m1

ciscoiosMatch12.2\(13\)zf

ciscoiosMatch12.2\(13\)zf1

ciscoiosMatch12.2\(13\)zf2

ciscoiosMatch12.2\(13\)zh

ciscoiosMatch12.2\(13\)zh1

ciscoiosMatch12.2\(13\)zh2

ciscoiosMatch12.2\(13\)zh3

ciscoiosMatch12.2\(13\)zh4

ciscoiosMatch12.2\(13\)zh5

ciscoiosMatch12.2\(13b\)m1

ciscoiosMatch12.2\(13b\)m2

ciscoiosMatch12.2\(14\)sz

ciscoiosMatch12.2\(14\)sz1

ciscoiosMatch12.2\(14\)sz2

ciscoiosMatch12.2\(14\)sz3

ciscoiosMatch12.2\(14\)sz4

ciscoiosMatch12.2\(14\)sz5

ciscoiosMatch12.2\(14\)sz6

ciscoiosMatch12.2\(15\)zj

ciscoiosMatch12.2\(15\)zj1

ciscoiosMatch12.2\(15\)zj2

ciscoiosMatch12.2\(15\)zj3

ciscoiosMatch12.2\(15\)zj4

ciscoiosMatch12.2\(15\)zj5

ciscoiosMatch12.2\(15\)zl

ciscoiosMatch12.2\(15\)zl1

ciscoiosMatch12.2\(15\)zn

ciscoiosMatch12.2\(18\)s

ciscoiosMatch12.2\(18\)s1

ciscoiosMatch12.2\(18\)s2

ciscoiosMatch12.2\(18\)s3

ciscoiosMatch12.2\(18\)s4

ciscoiosMatch12.2\(20\)s

ciscoiosMatch12.2\(20\)s1

ciscoiosMatch12.2\(20\)s2

ciscoiosMatch12.2\(20\)s2a

ciscoiosMatch12.2\(20\)s3

ciscoiosMatch12.2\(20\)s4

ciscoiosMatch12.2\(20\)s4a

ciscoiosMatch12.2\(20\)s5

ciscoiosMatch12.2\(20\)s6

ciscoiosMatch12.2\(22\)s

ciscoiosMatch12.2\(25\)s

ciscoiosMatch12.2\(25\)s1

ciscoiosMatch12.2\(25\)s2

ciscoiosMatch12.2\(25\)se

ciscoiosMatch12.3\(1a\)b

ciscoiosMatch12.3\(2\)ja3

ciscoiosMatch12.3\(2\)ja4

ciscoiosMatch12.3\(2\)t

ciscoiosMatch12.3\(2\)t1

ciscoiosMatch12.3\(2\)t2

ciscoiosMatch12.3\(2\)t3

ciscoiosMatch12.3\(2\)t4

ciscoiosMatch12.3\(2\)t5

ciscoiosMatch12.3\(2\)t6

ciscoiosMatch12.3\(2\)t7

ciscoiosMatch12.3\(2\)t8

ciscoiosMatch12.3\(2\)t9

ciscoiosMatch12.3\(2\)xa

ciscoiosMatch12.3\(2\)xa1

ciscoiosMatch12.3\(2\)xa2

ciscoiosMatch12.3\(2\)xa3

ciscoiosMatch12.3\(2\)xa4

ciscoiosMatch12.3\(2\)xa5

ciscoiosMatch12.3\(2\)xc

ciscoiosMatch12.3\(2\)xc1

ciscoiosMatch12.3\(2\)xc2

ciscoiosMatch12.3\(2\)xe

ciscoiosMatch12.3\(2\)xe1

ciscoiosMatch12.3\(2\)xe2

ciscoiosMatch12.3\(2\)xe3

ciscoiosMatch12.3\(2\)xe4

ciscoiosMatch12.3\(2\)xf

ciscoiosMatch12.3\(3\)b

ciscoiosMatch12.3\(3\)b1

ciscoiosMatch12.3\(4\)t

ciscoiosMatch12.3\(4\)t1

ciscoiosMatch12.3\(4\)t2

ciscoiosMatch12.3\(4\)t3

ciscoiosMatch12.3\(4\)t4

ciscoiosMatch12.3\(4\)t5

ciscoiosMatch12.3\(4\)t6

ciscoiosMatch12.3\(4\)t7

ciscoiosMatch12.3\(4\)t8

ciscoiosMatch12.3\(4\)t9

ciscoiosMatch12.3\(4\)t10

ciscoiosMatch12.3\(4\)t11

ciscoiosMatch12.3\(4\)tpc11a

ciscoiosMatch12.3\(4\)xd

ciscoiosMatch12.3\(4\)xd1

ciscoiosMatch12.3\(4\)xd2

ciscoiosMatch12.3\(4\)xd3

ciscoiosMatch12.3\(4\)xd4

ciscoiosMatch12.3\(4\)xg

ciscoiosMatch12.3\(4\)xg1

ciscoiosMatch12.3\(4\)xg2

ciscoiosMatch12.3\(4\)xg3

ciscoiosMatch12.3\(4\)xg4

ciscoiosMatch12.3\(4\)xg5

ciscoiosMatch12.3\(4\)xh

ciscoiosMatch12.3\(4\)xh1

ciscoiosMatch12.3\(4\)xk

ciscoiosMatch12.3\(4\)xk1

ciscoiosMatch12.3\(4\)xk2

ciscoiosMatch12.3\(4\)xk3

ciscoiosMatch12.3\(4\)xk4

ciscoiosMatch12.3\(4\)xq

ciscoiosMatch12.3\(4\)xq1

ciscoiosMatch12.3\(4\)ye

ciscoiosMatch12.3\(4\)ye1

ciscoiosMatch12.3\(5a\)b

ciscoiosMatch12.3\(5a\)b0a

ciscoiosMatch12.3\(5a\)b1

ciscoiosMatch12.3\(5a\)b2

ciscoiosMatch12.3\(5a\)b3

ciscoiosMatch12.3\(5a\)b4

ciscoiosMatch12.3\(5a\)b5

ciscoiosMatch12.3\(7\)jx9

ciscoiosMatch12.3\(7\)t

ciscoiosMatch12.3\(7\)t1

ciscoiosMatch12.3\(7\)t2

ciscoiosMatch12.3\(7\)t3

ciscoiosMatch12.3\(7\)t4

ciscoiosMatch12.3\(7\)t6

ciscoiosMatch12.3\(7\)t7

ciscoiosMatch12.3\(7\)t8

ciscoiosMatch12.3\(7\)t9

ciscoiosMatch12.3\(7\)t10

ciscoiosMatch12.3\(7\)t11

ciscoiosMatch12.3\(7\)t12

ciscoiosMatch12.3\(7\)xi3a

ciscoiosMatch12.3\(7\)xl

ciscoiosMatch12.3\(7\)xr

ciscoiosMatch12.3\(7\)xr1

ciscoiosMatch12.3\(7\)xr2

ciscoiosMatch12.3\(7\)xr3

ciscoiosMatch12.3\(7\)xr4

ciscoiosMatch12.3\(7\)xr5

ciscoiosMatch12.3\(7\)xr6

ciscoiosMatch12.3\(7\)xs

ciscoiosMatch12.3\(7\)xs1

ciscoiosMatch12.3\(7\)xs2

ciscoiosMatch12.3\(8\)jk

ciscoiosMatch12.3\(8\)t

ciscoiosMatch12.3\(8\)t1

ciscoiosMatch12.3\(8\)t2

ciscoiosMatch12.3\(8\)t3

ciscoiosMatch12.3\(8\)t4

ciscoiosMatch12.3\(8\)t5

ciscoiosMatch12.3\(8\)t6

ciscoiosMatch12.3\(8\)t7

ciscoiosMatch12.3\(8\)t8

ciscoiosMatch12.3\(8\)t9

ciscoiosMatch12.3\(8\)t10

ciscoiosMatch12.3\(8\)t11

ciscoiosMatch12.3\(8\)xx

ciscoiosMatch12.3\(8\)xx1

ciscoiosMatch12.3\(8\)xx2

ciscoiosMatch12.3\(8\)xx2a

ciscoiosMatch12.3\(8\)xx2b

ciscoiosMatch12.3\(8\)xx2c

ciscoiosMatch12.3\(8\)ya

ciscoiosMatch12.3\(8\)ya1

ciscoiosMatch12.3\(8\)yc

ciscoiosMatch12.3\(8\)yc1

ciscoiosMatch12.3\(8\)yc2

ciscoiosMatch12.3\(8\)yc3

ciscoiosMatch12.3\(8\)yd

ciscoiosMatch12.3\(8\)yd1

ciscoiosMatch12.3\(8\)yg

ciscoiosMatch12.3\(8\)yg1

ciscoiosMatch12.3\(8\)yg2

ciscoiosMatch12.3\(8\)yg3

ciscoiosMatch12.3\(8\)yg4

ciscoiosMatch12.3\(8\)yg5

ciscoiosMatch12.3\(8\)yh

ciscoiosMatch12.3\(8\)yi

ciscoiosMatch12.3\(8\)yi1

ciscoiosMatch12.3\(8\)yi2

ciscoiosMatch12.3\(8\)yi3

ciscoiosMatch12.3\(8\)za

ciscoiosMatch12.3\(9\)m0

ciscoiosMatch12.3\(9\)m1

ciscoiosMatch12.3\(10a\)m0

ciscoiosMatch12.3\(11\)ja2

ciscoiosMatch12.3\(11\)jx

ciscoiosMatch12.3\(11\)jx1

ciscoiosMatch12.3\(11\)t

ciscoiosMatch12.3\(11\)t1

ciscoiosMatch12.3\(11\)t2

ciscoiosMatch12.3\(11\)t3

ciscoiosMatch12.3\(11\)t4

ciscoiosMatch12.3\(11\)t5

ciscoiosMatch12.3\(11\)t6

ciscoiosMatch12.3\(11\)t7

ciscoiosMatch12.3\(11\)t8

ciscoiosMatch12.3\(11\)t9

ciscoiosMatch12.3\(11\)t10

ciscoiosMatch12.3\(11\)t11

ciscoiosMatch12.3\(11\)to3

ciscoiosMatch12.3\(11\)xl

ciscoiosMatch12.3\(11\)xl1

ciscoiosMatch12.3\(11\)xl2

ciscoiosMatch12.3\(11\)xl3

ciscoiosMatch12.3\(11\)yf2

ciscoiosMatch12.3\(11\)yk

ciscoiosMatch12.3\(11\)yk1

ciscoiosMatch12.3\(11\)yk2

ciscoiosMatch12.3\(11\)yl

ciscoiosMatch12.3\(11\)yl1

ciscoiosMatch12.3\(11\)yl2

ciscoiosMatch12.3\(11\)ys

ciscoiosMatch12.3\(11\)ys1

ciscoiosMatch12.3\(11\)yz

ciscoiosMatch12.3\(11\)yz1

ciscoiosMatch12.3\(11\)zb

ciscoiosMatch12.3\(11\)zb1

ciscoiosMatch12.3\(14\)t

ciscoiosMatch12.3\(14\)t1

ciscoiosMatch12.3\(14\)t2

ciscoiosMatch12.3\(14\)t3

ciscoiosMatch12.3\(14\)t4

ciscoiosMatch12.3\(14\)t5

ciscoiosMatch12.3\(14\)t6

ciscoiosMatch12.3\(14\)t7

ciscoiosMatch12.3\(14\)ym2

ciscoiosMatch12.3\(14\)ym3

ciscoiosMatch12.3\(14\)ym4

ciscoiosMatch12.3\(14\)ym5

ciscoiosMatch12.3\(14\)ym6

ciscoiosMatch12.3\(14\)ym7

ciscoiosMatch12.3\(14\)ym8

ciscoiosMatch12.3\(14\)ym9

ciscoiosMatch12.3\(14\)yt

ciscoiosMatch12.3\(14\)yt1

ciscoiosMatch12.4\(2\)t

ciscoiosMatch12.4\(2\)t1

ciscoiosMatch12.4\(2\)t2

ciscoiosMatch12.4\(2\)t3

ciscoiosMatch12.4\(2\)t4

ciscoiosMatch12.4\(2\)t5

ciscoiosMatch12.4\(2\)xa

ciscoiosMatch12.4\(2\)xa1

ciscoiosMatch12.4\(2\)xa2

ciscoiosMatch12.4\(4\)t

ciscoiosMatch12.4\(4\)t1

ciscoiosMatch12.4\(4\)t2

ciscoiosMatch12.4\(4\)t3

ciscoiosMatch12.4\(4\)t4

ciscoiosMatch12.4\(4\)t5

ciscoiosMatch12.4\(4\)xc

ciscoiosMatch12.4\(4\)xc1

ciscoiosMatch12.4\(4\)xc2

ciscoiosMatch12.4\(4\)xc3

ciscoiosMatch12.4\(4\)xc4

ciscoiosMatch12.4\(4\)xc5

ciscoiosMatch12.4\(4\)xd

ciscoiosMatch12.4\(4\)xd1

ciscoiosMatch12.4\(4\)xd2

ciscoiosMatch12.4\(4\)xd3

ciscoiosMatch12.4\(5a\)m0

ciscoiosMatch12.4\(6\)t

ciscoiosMatch12.4\(6\)t1

ciscoiosMatch12.4\(6\)t2

ciscoiosMatch12.4\(6\)t3

ciscoiosMatch12.4\(6\)t4

ciscoiosMatch12.4\(6\)t5

ciscoiosMatch12.4\(6\)xe

ciscoiosMatch12.4\(6\)xe1

ciscoiosMatch12.4\(6\)xe2

ciscoiosMatch12.4\(9\)t

ciscoiosMatch12.4\(9\)t0a

ciscoiosMatch12.4\(9\)t1

ciscoiosMatch12.4\(11\)sw

ciscoiosMatch12.4\(11\)sw1

CPENameOperatorVersion
cisco:ioscisco ioseq12.0\(1\)t
cisco:ioscisco ioseq12.0\(1\)t1
cisco:ioscisco ioseq12.0\(1\)xe
cisco:ioscisco ioseq12.0\(2\)s
cisco:ioscisco ioseq12.0\(2\)t
cisco:ioscisco ioseq12.0\(2\)t1
cisco:ioscisco ioseq12.0\(2\)xe
cisco:ioscisco ioseq12.0\(2\)xe1
cisco:ioscisco ioseq12.0\(2\)xe3
cisco:ioscisco ioseq12.0\(2\)xe4

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	12.0\(1\)t
cisco:ios	cisco ios	eq	12.0\(1\)t1
cisco:ios	cisco ios	eq	12.0\(1\)xe
cisco:ios	cisco ios	eq	12.0\(2\)s
cisco:ios	cisco ios	eq	12.0\(2\)t
cisco:ios	cisco ios	eq	12.0\(2\)t1
cisco:ios	cisco ios	eq	12.0\(2\)xe
cisco:ios	cisco ios	eq	12.0\(2\)xe1
cisco:ios	cisco ios	eq	12.0\(2\)xe3
cisco:ios	cisco ios	eq	12.0\(2\)xe4