Lucene search

[email protected]CVE-2007-4226

HistoryAug 08, 2007 - 10:17 p.m.

CVE-2007-4226

2007-08-0822:17:00

[email protected]

web.nvd.nist.gov

cve-2007-4226

directory traversal

bluecat networks

proteus ipam

vulnerability

remote authenticated administrators

tftp privileges

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 (Adonis DNS/DHCP appliance 5.0.2.8) allows remote authenticated administrators, with certain TFTP privileges, to create and overwrite arbitrary files via a … (dot dot) in a pathname. NOTE: this can be leveraged for administrative access by overwriting /etc/shadow.

Affected configurations

NVD

Node

bluecat_networksadonisMatch5.0.2.8

CPENameOperatorVersion
bluecat_networks:adonisbluecat networks adoniseq5.0.2.8

CPE	Name	Operator	Version
bluecat_networks:adonis	bluecat networks adonis	eq	5.0.2.8

References

marc.info/?l=bugtraq&m=118669433531027&w=2

osvdb.org/39397

secunia.com/advisories/26354

securityreason.com/securityalert/2986

securitytracker.com/id?1018521

www.securityfocus.com/archive/1/475667/100/0/threaded

www.securityfocus.com/bid/25214

www.vupen.com/english/advisories/2007/2840

exchange.xforce.ibmcloud.com/vulnerabilities/35807

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

Related for CVE-2007-4226

prion1 nvd1 cvelist1