Opendap : Security vulnerabilities, CVEs published in 2007

Copy

CVE-2007-2769

BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly handle compressed files, which allows remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file.

Max CVSS

7.5

EPSS Score

1.70%

Published

2007-05-21

Updated

2017-07-29

CVE-2007-2767

Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors.

Max CVSS

7.8

EPSS Score

1.81%

Published

2007-05-21

Updated

2017-07-29

CVE-2007-2355

The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Max CVSS

10.0

EPSS Score

3.88%

Published

2007-04-30

Updated

2017-07-29

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!