CVE-2008-1319
published 2008-03-13CVE-2008-1319: Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM…
PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
4.80%
90.8th percentile
Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| versant | versant_object_database | <= 7.0.1.3 | — |
| versant | versant_object_database | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CWE
Untrusted Search Path
mitre_cwe
CWE-426 Untrusted Search Path
CWE-426: Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
This might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the product uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted product would then execute. The problem extends to any type of critical resource that the product trusts. Some of the most common variants of untrusted search path are: In various UNIX and Linux-based systems, the PATH environment variable may be consulted to locate executable programs, and
CWE
External Control of Critical State Data
mitre_cwe
CWE-642 External Control of Critical State Data
CWE-642: External Control of Critical State Data
The product stores security-critical state information about its users, or the product itself, in a location that is accessible to unauthorized actors.
If an attacker can modify the state information without detection, then it could be used to perform unauthorized actions or access unexpected resources, since the application programmer does not expect that the state can be changed. State information can be stored in various locations such as a cookie, in a hidden web form field, input parameter or argument, an environment variable, a database record, within a settings file, etc. All of these locations have the potential to be modified by an attacker. When this state information is used to control security or determine resource usage, then
http://aluigi.altervista.org/adv/versantcmd-adv.txthttp://marc.info/?l=bugtraq&m=120468784112145&w=2http://secunia.com/advisories/29230http://securityreason.com/securityalert/3738http://www.securityfocus.com/archive/1/489139/100/0/threadedhttp://www.securityfocus.com/bid/28097http://www.vupen.com/english/advisories/2008/0764/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/40997https://www.exploit-db.com/exploits/5213http://aluigi.altervista.org/adv/versantcmd-adv.txthttp://marc.info/?l=bugtraq&m=120468784112145&w=2http://secunia.com/advisories/29230http://securityreason.com/securityalert/3738http://www.securityfocus.com/archive/1/489139/100/0/threadedhttp://www.securityfocus.com/bid/28097http://www.vupen.com/english/advisories/2008/0764/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/40997https://www.exploit-db.com/exploits/5213
2008-03-13
Published