Computer Security
[EN] no-pyccku

DataDomain Web interface unfiltered shell characters
SecurityVulns ID:7507
Threat Level:
Description:Unfiltered shell characters vulnerability in multiple Web interface commands.
Affected:DATADOMAIN : Data Domain 4.0
CVE:CVE-2007-1836 (The command line administration interface in Data Domain OS before allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to the (1) ifconfig and (2) ping commands.)
Original documentdocumentElliot Kendall, Arbitrary Command Execution in DataDomain Administrator Interface (29.03.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod