CVE-2017-1000215
Published 2017-11-17
CVE-2017-1000215: ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
Priority: P266
CVSS 3.0: 9.8 (critical), vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 6.47% (92.9th percentile)
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xrootd | — | — |
| xrootd | xrootd | <= 4.6.0 | — |
Detection & IOCs (extracted from sources)
- Vulnerability affects ROOT xrootd version 4.6.0 and below; any xrootd process running version <= 4.6.0 should be flagged as potentially exploitable for unauthenticated shell command injection / RCE
- The vulnerability is exploitable without authentication, meaning no credentials or prior access are required to trigger the shell command injection; ensure xrootd services are not exposed to untrusted networks on any version <= 4.6.0
- Debian distributions (bookworm, bullseye, forky, sid, trixie) have resolved this CVE; verify patched packages are deployed in Debian-based environments
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vendor_debian | — | 9.8 | LOW | — |
GHSA
GHSA-5gjx-7m75-v665: ROOT xrootd version 4
ghsa_unreviewed · 2022-05-13
CVE-2017-1000215 [CRITICAL] CWE-78 GHSA-5gjx-7m75-v665: ROOT xrootd version 4
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
Debian
CVE-2017-1000215: xrootd - ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell co...
vendor_debian · 2017 · CVSS 9.8
CVE-2017-1000215 [CRITICAL] CVE-2017-1000215: xrootd - ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell co...
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://github.com/xrootd/xrootd/blob/befa2e627a5a33a38c92db3e57c07d8246a24acf/src/XrdSecgsi/XrdSecgsiGMAPFunLDAP.cc#L85
- https://github.com/xrootd/xrootd/blob/v4.6.1/docs/ReleaseNotes.txt
- https://github.com/xrootd/xrootd/commit/befa2e627a5a33a38c92db3e57c07d8246a24acf
- https://security.gentoo.org/glsa/201903-11
Published: 2017-11-17