nvd-json-data-feeds/CVE-2007/CVE-2007-64xx/CVE-2007-6459.json

{
  "id": "CVE-2007-6459",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2007-12-20T00:46:00.000",
  "lastModified": "2018-10-15T21:54:30.007",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460."
    },
    {
      "lang": "es",
      "value": "Anon Proxy Server 0.100, y probablemente 0.101, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante meta-caracteres de shell en (1) el par\u00e1metro host a diagdns.php, y (2) el par\u00e1metro host y posiblemente (3) el par\u00e1metro port a diagconnect.php, una vulnerabilidad diferente de CVE-2007-6460."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": true,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:anon_proxy_server:anon_proxy_server:0.100:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B45F8F2-06A9-4CC5-9A38-450205F100B0"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://securityreason.com/securityalert/3463",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/archive/1/485151/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/26882",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "https://www.exploit-db.com/exploits/4734",
      "source": "cve@mitre.org"
    }
  ]
}