Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-4560HistoryAug 28, 2007 - 1:17 a.m.
CVE-2007-4560
2007-08-2801:17:00
Debian Security Bug Tracker
security-tracker.debian.org
10
CVSS2
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS
0.965
Percentile
99.6%
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the “recipient field of sendmail.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | clamav | < 0.91.2-1~volatile1 | clamav_0.91.2-1~volatile1_all.deb |
| Debian | 11 | all | clamav | < 0.91.2-1~volatile1 | clamav_0.91.2-1~volatile1_all.deb |
| Debian | 999 | all | clamav | < 0.91.2-1~volatile1 | clamav_0.91.2-1~volatile1_all.deb |
| Debian | 13 | all | clamav | < 0.91.2-1~volatile1 | clamav_0.91.2-1~volatile1_all.deb |
Related
prion
prion
Code injection
2007-08-28 01:17:00
ubuntucve
ubuntucve
CVE-2007-4560
2007-08-28 00:00:00
saint
saint
ClamAV milter popen command injection
2007-09-06 00:00:00
ClamAV milter popen command injection
2007-09-06 00:00:00
ClamAV milter popen command injection
2007-09-06 00:00:00
cve
cve
CVE-2007-4560
2007-08-28 01:17:00
nvd
nvd
CVE-2007-4560
2007-08-28 01:17:00
checkpoint_advisories
checkpoint_advisories
nessus
nessus
ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Command Execution
2008-01-03 00:00:00
Mandrake Linux Security Advisory : clamav (MDKSA-2007:172)
2007-09-03 00:00:00
Fedora 7 : clamav-0.91.2-2.fc7 (2007-2050)
2007-11-06 00:00:00
cvelist
cvelist
CVE-2007-4560
2007-08-28 01:00:00
d2
d2
DSquare Exploit Pack: D2SEC_CLAMAV
2007-08-28 01:17:00
packetstorm
packetstorm
ClamAV Milter Blackhole-Mode Remote Code Execution
2009-10-28 00:00:00
metasploit
metasploit
ClamAV Milter Blackhole-Mode Remote Code Execution
2008-03-17 11:51:30
exploitdb
exploitdb
ClamAV Milter 0.92.2 - Blackhole-Mode (Sendmail) Code Execution (Metasploit)
2007-08-24 00:00:00
ClamAV Milter - Blackhole-Mode Remote Code Execution (Metasploit)
2010-10-09 00:00:00
debian
debian
[SECURITY] [DSA 1366-1] New clamav packages fix several vulnerabilities
2007-09-01 11:53:51
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2007-09-20 00:00:00
osv
osv
clamav
2007-09-01 00:00:00
f5
f5
SOL7985 - ClamAV clamav-milter vulnerability - CVE-2007-4560
2007-09-27 00:00:00
K7985 : ClamAV clamav-milter vulnerability - CVE-2007-4560
2013-03-19 00:00:00
openvas
openvas
Debian Security Advisory DSA 1366-1 (clamav)
2008-01-17 00:00:00
Mandriva Update for clamav MDKSA-2007:172 (clamav)
2009-04-09 00:00:00
Mandriva Update for clamav MDKSA-2007:172 (clamav)
2009-04-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package clamav version 0.91.2-alt1
2007-09-03 00:00:00
Security fix for the ALT Linux 8 package clamav version 0.91.2-alt1
2007-09-03 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.91.2-alt1
2007-09-03 00:00:00
CVSS2
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS
0.965
Percentile
99.6%
Related for DEBIANCVE:CVE-2007-4560