CVE-2007-2586
CVE-2007-2586
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/6155não verificadoexploitdbwww.exploit-db.com/exploits/6155não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://seclists.org/bugtraq/2009/Jan/0183.htmlhttp://secunia.com/advisories/25199https://exchange.xforce.ibmcloud.com/vulnerabilities/34197https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5036http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtmlhttp://www.exploit-db.com/exploits/6155http://www.osvdb.org/35334http://www.securityfocus.com/archive/1/494868http://www.securityfocus.com/bid/23885http://www.securitytracker.com/id?1018030http://www.vupen.com/english/advisories/2007/1749