Lucene search

MitreCVE-2007-4390

HistoryAug 17, 2007 - 10:17 p.m.

CVE-2007-4390

2007-08-1722:17:00

CWE-264

mitre

web.nvd.nist.gov

cve-2007-4390

command line interface

adonis administration console

bluecat networks

dns

dhcp

root privileges

shell metacharacters

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

34.6%

JSON

The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command.

Affected configurations

Nvd

Node

bluecat_networksadonisMatch5.0.2.8

VendorProductVersionCPE
bluecat_networksadonis5.0.2.8cpe:2.3:h:bluecat_networks:adonis:5.0.2.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bluecat_networks	adonis	5.0.2.8	cpe:2.3:h:bluecat_networks:adonis:5.0.2.8:::::::*

References

osvdb.org/39398

secunia.com/advisories/26495

securityreason.com/securityalert/3025

www.securityfocus.com/archive/1/476785/100/0/threaded

www.securityfocus.com/archive/1/477163/100/0/threaded

www.securityfocus.com/bid/25342

www.securitytracker.com/id?1018584

exchange.xforce.ibmcloud.com/vulnerabilities/36082

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

34.6%

JSON

Related for CVE-2007-4390