CVE-2007-2586
CVE-2007-2586
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.
Productos afectados
n/a · n/aPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/6155no verificadoexploitdbwww.exploit-db.com/exploits/6155no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://seclists.org/bugtraq/2009/Jan/0183.htmlhttp://secunia.com/advisories/25199https://exchange.xforce.ibmcloud.com/vulnerabilities/34197https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5036http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtmlhttp://www.exploit-db.com/exploits/6155http://www.osvdb.org/35334http://www.securityfocus.com/archive/1/494868http://www.securityfocus.com/bid/23885http://www.securitytracker.com/id?1018030http://www.vupen.com/english/advisories/2007/1749