Vulnerability Details : CVE-2007-4560
Public exploit exists!
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
Products affected by CVE-2007-4560
- cpe:2.3:a:clam_anti-virus:clamav:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-4560
96.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-4560
-
ClamAV Milter Blackhole-Mode Remote Code Execution
Disclosure Date: 2007-08-24First seen: 2020-04-26exploit/unix/smtp/clamav_milter_blackholeThis module exploits a flaw in the Clam AntiVirus suite 'clamav-milter' (Sendmail mail filter). Versions prior to v0.92.2 are vulnerable. When implemented with black hole mode enabled, it is possible to execute commands remotely due to an insecure popen call.
CVSS scores for CVE-2007-4560
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.6
|
HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
4.9
|
10.0
|
NIST |
CWE ids for CVE-2007-4560
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-4560
-
http://www.novell.com/linux/security/advisories/2007_18_sr.html
Security - Support | SUSE
-
http://www.nruns.com/security_advisory_clamav_remote_code_exection.php
Patch
-
http://www.debian.org/security/2007/dsa-1366
[SECURITY] [DSA 1366-1] New clamav packages fix several vulnerabilities
-
http://www.mandriva.com/security/advisories?name=MDKSA-2007:172
Mandriva
-
http://www.securitytracker.com/id?1018610
Access Denied
-
http://www.securityfocus.com/bid/25439
ClamAV Popen Function Remote Code Execution VulnerabilityPatch
-
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html
[SECURITY] Fedora 7 Update: clamav-0.91.2-2.fc7
-
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
-
http://www.trustix.org/errata/2007/0026/
Trustix | Empowering Trust and Security in the Digital Age
-
http://docs.info.apple.com/article.html?artnum=307562
-
http://security.gentoo.org/glsa/glsa-200709-14.xml
ClamAV: Multiple vulnerabilities (GLSA 200709-14) — Gentoo security
-
http://securityreason.com/securityalert/3063
ClamAV Remote Code Execution Advisory - CXSecurity.com
-
http://www.securityfocus.com/archive/1/477723/100/0/threaded
-
http://www.vupen.com/english/advisories/2008/0924/references
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
Jump to