7.5

CVE-2007-3011

Exploit
The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FujitsuServerview Version2.50
FujitsuServerview Version3.60l98
FujitsuServerview Version3.60l99
FujitsuServerview Version4.10l11
FujitsuServerview Version4.11l11b
FujitsuServerview Version4.11l81
FujitsuServerview Version4.30.1
FujitsuServerview Version4.30.2
FujitsuServerview Version4.30.3
FujitsuServerview Version4.30.4
FujitsuServerview Version4.30.5
FujitsuServerview Version4.30.6
FujitsuServerview Version4.30.7
FujitsuServerview Version4.30.8
FujitsuServerview Version4.30.9
FujitsuServerview Version4.30.10
FujitsuServerview Version4.30.11
FujitsuServerview Version4.30.12
FujitsuServerview Version4.30.13
FujitsuServerview Version4.40.1
FujitsuServerview Version4.40.2
FujitsuServerview Version4.40.3
FujitsuServerview Version4.40.4
FujitsuServerview Version4.40.5
FujitsuServerview Version4.40.6
FujitsuServerview Version4.50.1
FujitsuServerview Version4.50.2
FujitsuServerview Version4.50.3
FujitsuServerview Version4.50.4
FujitsuServerview Version4.50.5
FujitsuServerview Version4.50.6
FujitsuServerview Version4.50.7
FujitsuServerview Version4.50.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.17% 0.896
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/37835
http://secunia.com/advisories/25944
Patch
Vendor Advisory
http://securityreason.com/securityalert/2858
http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php
Patch
Vendor Advisory
Exploit
http://www.securityfocus.com/archive/1/472800/100/0/threaded
http://www.securityfocus.com/bid/24762
Patch
Exploit
http://www.vupen.com/english/advisories/2007/2441
https://exchange.xforce.ibmcloud.com/vulnerabilities/35257