CVE-2007-6610 - Insufficient Information vulnerability in Debian UNP 1.0.12

Publication

2008-01-03

Last modification

2008-11-15

Summary

unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product.

Description

The 'unp' package is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.Attackers can exploit this issue to execute arbitrary shell commands in the context of the application using the vulnerable version of 'unp'. This may facilitate the remote compromise of affected computers.This issue affects unp 1.0.12; other versions may also be affected.

Solution

The vendor has released an update that addresses this issue. Please see the references for more information.

Exploit

An attacker can use standard tools to exploit this issue.

Risk level (CVSS AV:N/AC:L/Au:N/C:C/I:C/A:C)

High

10.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Debian UNP  1.0.12