19 matches found
EUVD-2007-2761
Malware in sbrugna...
EUVD-2007-2759
Malware in sbrugna...
EUVD-2007-2350
Malware in sbrugna...
Design/Logic Flaw
BES before 3.5.0 in OPeNDAP 4 Hydrax before 1.2.1 does not properly handle compressed files, which allows remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file...
CVE-2007-2767
Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 Hydrax before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors...
Code injection
Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 Hydrax before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors...
CVE-2007-2769
BES before 3.5.0 in OPeNDAP 4 Hydrax before 1.2.1 does not properly handle compressed files, which allows remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file...
CVE-2007-2767
Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 Hydrax before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors...
CVE-2007-2769
BES before 3.5.0 in OPeNDAP 4 Hydrax before 1.2.1 does not properly handle compressed files, which allows remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file...
CVE-2007-2767
The CVE-2007-2767 entry affects BES prior to 3.5.0 in OPeNDAP 4 (Hydrax) prior to 1.2.1, with a vulnerability that allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors. This is described with a non-specific root cause and vectors and an impact l...
CVE-2007-2769
CVE-2007-2769 affects BES prior to 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1. The issue arises from improper handling of compressed files, enabling remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file. No further details on exploit methods or fixed...
OPeNDAP BES压缩文件远程命令执行漏洞
OPeNDAP是一款帮助研究者在不同格式中交换数据集的应用软件。 OPeNDAP服务程序的BES守护进程存在安全问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意代码。 攻击者可以发送特殊构建的压缩文件给受影响的服务器程序,导致BES守护程序在过滤压缩文件中的数据时出现问题而执行任意代码。 OPeNDAP Hyrax 1.2 OPeNDAP BES 3.4.2 + OPeNDAP Hyrax 1.2 升级程序: OPeNDAP BES 3.4.2 OPeNDAP bes-3.5.0.tar.gz...
OPeNDAP filesystem enumeration vulnerability
Overview The OPeNDAP server version 4 contains a file enumeration vulnerability. This vulnerability may allow an attacker to enumerate filesystem contents. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in different formats. The most rece...
OPeNDAP arbitrary command execution vulnerability
Overview The BES daemon in OPeNDAP server version 4 contains a vulnerability. This vulnerability may allow an attacker to execute arbitrary commands, or upload files to a remote server. Description OPeNDAP is a software package designed to help researchers exchange data sets that are stored in...
Code injection
The geturl function in DODSDispatch.pm for the CGIserver in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...
CVE-2007-2355
The geturl function in DODSDispatch.pm for the CGIserver in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...
CVE-2007-2355
The geturl function in DODSDispatch.pm for the CGIserver in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL...
CVE-2007-2355
CVE-2007-2355 affects the OPeNDAP 3 CGI_server, where the get_url function in DODS_Dispatch.pm is vulnerable to remote command execution via shell metacharacters in a URL. This is a remote, unauthenticated vulnerability with high impact (complete confidentiality, integrity, and availability). Mit...
OPeNDAP code execution vulnerability
Overview OPeNDAP server version 3 contains a vulnerability that allows an attacker to execute comands on the server. Description From the OPenNDAP website:OPeNDAP provides software which makes local data accessible to remote locations regardless of local storage format. OPeNDAP also provides tool...