CVE-2009-4644

Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.

CVSS v2.0 9.0 HIGH

9.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.portcullis-security.com/338.php	Exploit
http://www.securityfocus.com/bid/38176	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/56248

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_296:::::::*
	cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_189:::::::*
	cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_259:::::::*
	cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_135:::::::*
	cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_178:::::::*

Information

Published : 2010-02-19 09:30

Updated : 2017-08-16 18:31

NVD link : CVE-2009-4644

Mitre link : CVE-2009-4644

JSON object : View

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Products Affected

accellion

secure_file_transfer_appliance

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.portcullis-security.com/338.php", "name": "http://www.portcullis-security.com/338.php", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/38176", "name": "38176", "tags": ["Exploit"], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56248", "name": "fta-menushell-command-execution(56248)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-4644", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-02-19T17:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_296:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_189:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_259:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_135:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:accellion:secure_file_transfer_appliance:7_0_178:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:31Z"}

9.0 /10