OPeNDAP BES Compressed Files Remote Command Execution Vulnerability
BID:24055
Info
| Bugtraq ID: | 24055 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-2769 |
| Remote: | Yes |
| Local: | No |
| Published: | May 18 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | NCIRT labs is credited with reporting this vulnerability. |
| Vulnerable: | OPeNDAP Hyrax 1.2; OPeNDAP BES 3.4.2 |
| Not Vulnerable: | OPeNDAP Hyrax 1.2.1; OPeNDAP BES 3.5 |
Discussion
OPeNDAP BES is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input.
Exploiting this issue allows attackers to execute arbitrary commands or to upload files, all in the context of the server.
A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.
This issue affects BES versions prior to 3.5.0.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor has addressed this issue in OPeNDAP Server4 (Hyrax) version 1.2.1 and BES 3.5.0.
OPeNDAP BES 3.4.2
OPeNDAP bes-3.5.0.tar.gz
http://www.opendap.org/pub/source/bes-3.5.0.tar.gz
References
- BES Software Download Page (OPeNDAP)
- Hyrax Download Page (OPeNDAP)
- OPeNDAP Home Page (OPeNDAP)
- OPeNDAP Security Messages (OPeNDAP)
- Vulnerability Note VU#659148 OPeNDAP arbitrary command execution vulnerability (US-CERT)