CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4607

The command line interface in Overland Storage Snap Server 410 with GuardianOS 5.1.041 runs the "less" utility with a higher-privileged uid than the CLI user and without sufficient restriction on shell escapes, which allows local users to gain privileges using the "!" character within less to access a privileged shell.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.5%

CVSS Severity

CVSS v2 Score 7.2

References

http://www.juniper.net/security/auto/vulnerabilities/vuln36739.html
http://www.securityfocus.com/archive/1/507318/100/0/threaded
http://www.securityfocus.com/bid/36739
https://exchange.xforce.ibmcloud.com/vulnerabilities/53881
http://www.juniper.net/security/auto/vulnerabilities/vuln36739.html
http://www.securityfocus.com/archive/1/507318/100/0/threaded
http://www.securityfocus.com/bid/36739
https://exchange.xforce.ibmcloud.com/vulnerabilities/53881

Products affected by CVE-2009-4607

Overlandstorage » Snap Server 410 » Version: Any

cpe:2.3:h:overlandstorage:snap_server_410:*
Overlandstorage » Guardianos » Version: 5.1.041

cpe:2.3:o:overlandstorage:guardianos:5.1.041

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4607

Products

Pricing

Contact Us