CVE-2007-1836
First published: Tue Apr 03 2007(Updated: )
The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to the (1) ifconfig and (2) ping commands.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Data Domain Operating System | <=4.0.3.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-1836?
CVE-2007-1836 is considered a critical vulnerability as it allows remote authenticated users to execute arbitrary commands.
How do I fix CVE-2007-1836?
To fix CVE-2007-1836, upgrade Data Domain OS to version 4.0.3.6 or later.
Who is affected by CVE-2007-1836?
CVE-2007-1836 affects all versions of Data Domain OS prior to 4.0.3.6.
What types of commands can be exploited in CVE-2007-1836?
CVE-2007-1836 can be exploited through commands like ifconfig and ping using shell metacharacters.
What are the potential consequences of exploiting CVE-2007-1836?
Exploiting CVE-2007-1836 could allow an attacker to execute arbitrary commands on the affected system, compromising its integrity.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/data domain
- canonical/emc data domain operating system
- version/emc data domain operating system/4.0.3.5