NVD

Id
58345  
Name
CVE-2007-6350  
Description
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks.  
Reject
 
CVSS Version
2  
CVSS Score
8.5  
Severity
High  
CVSS Base Score
8.5  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-12-14  
Modified Date
2011-08-08  
Seq
2007-6350  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
299199 58345 CVE-2007-6350 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148  View
299200 58345 CVE-2007-6350 http://bugs.gentoo.org/show_bug.cgi?id=201726  View
299201 58345 CVE-2007-6350 http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup  View
299202 58345 CVE-2007-6350 GLSA-200802-06  View
299203 58345 CVE-2007-6350 DSA-1473  View
299204 58345 CVE-2007-6350 26900  View
299205 58345 CVE-2007-6350 1019103  View
299206 58345 CVE-2007-6350 ADV-2007-4243  View
299207 58345 CVE-2007-6350 FEDORA-2008-1743  View
299208 58345 CVE-2007-6350 FEDORA-2008-1728  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57732 JVNDB-2007-006424 scponly におけるコードを実行される脆弱性 scponly には、制限を回避される、およびコードを実行される脆弱性が存在します。 CVE-2007-6350 29705 CVE-2007-6350 58345 8.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006424.html 2007-12-14 2012-12-20 View