CVE-2008-3285

Published Jul 24, 2008

Last updated 6 years ago

Overview

Description: The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "357CE96B-368E-4BCA-A26E-5BF24C25D30C"
          },
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A40FE9D3-3F9A-46C1-9C4C-460A2C4FD299"
          },
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8789260-F5D2-4117-A81F-0C24B12F32CB"
          },
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA1E209F-03DA-4890-B4CF-0C1ABBF659E3"
          },
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "656F74B2-2F82-46C1-98AB-72ECC81D253E"
          },
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC661907-3306-4515-AC7E-7C92272E4FE0"
          },
          {
            "criteria": "cpe:2.3:a:alain_barbet:filesys_smbclientparser:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E246BC92-3454-445B-8DBA-3EFAD4B90640"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References