CVE-2007-6350 - Vulnerability Details - OpenCVE

scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Scponly	Scponly

Configuration 1 [-]

OR	cpe:2.3:a:scponly:scponly::::::::
	cpe:2.3:a:scponly:scponly:4.2:::::::*
	cpe:2.3:a:scponly:scponly:4.3:::::::*
	cpe:2.3:a:scponly:scponly:4.4:::::::*
	cpe:2.3:a:scponly:scponly:4.5:::::::*

No data.

References

Link	Providers
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148
http://bugs.gentoo.org/show_bug.cgi?id=201726
http://osvdb.org/44137
http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup
http://secunia.com/advisories/28123
http://secunia.com/advisories/28538
http://secunia.com/advisories/28944
http://secunia.com/advisories/28981
http://security.gentoo.org/glsa/glsa-200802-06.xml
http://www.debian.org/security/2008/dsa-1473
http://www.securityfocus.com/bid/26900
http://www.securitytracker.com/id?1019103
http://www.vupen.com/english/advisories/2007/4243
https://nvd.nist.gov/vuln/detail/CVE-2007-6350
https://www.cve.org/CVERecord?id=CVE-2007-6350
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-12-14T20:00:00

Updated: 2024-08-07T16:02:36.466Z

Reserved: 2007-12-14T00:00:00

Link: CVE-2007-6350

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-12-14T20:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-6350

Redhat

Severity :

Publid Date: 2007-08-10T00:00:00Z

Links: CVE-2007-6350 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-12-19T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "26900", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26900"}, {"name": "DSA-1473", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1473"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=201726"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup"}, {"name": "ADV-2007-4243", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4243"}, {"name": "GLSA-200802-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200802-06.xml"}, {"name": "28123", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28123"}, {"name": "44137", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/44137"}, {"name": "1019103", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019103"}, {"name": "28944", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28944"}, {"name": "FEDORA-2008-1728", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148"}, {"name": "28538", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28538"}, {"name": "FEDORA-2008-1743", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html"}, {"name": "28981", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28981"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6350", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "26900", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26900"}, {"name": "DSA-1473", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1473"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=201726", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=201726"}, {"name": "http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup", "refsource": "CONFIRM", "url": "http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup"}, {"name": "ADV-2007-4243", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4243"}, {"name": "GLSA-200802-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200802-06.xml"}, {"name": "28123", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28123"}, {"name": "44137", "refsource": "OSVDB", "url": "http://osvdb.org/44137"}, {"name": "1019103", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019103"}, {"name": "28944", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28944"}, {"name": "FEDORA-2008-1728", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148"}, {"name": "28538", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28538"}, {"name": "FEDORA-2008-1743", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html"}, {"name": "28981", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28981"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:02:36.466Z"}, "title": "CVE Program Container", "references": [{"name": "26900", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26900"}, {"name": "DSA-1473", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1473"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=201726"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup"}, {"name": "ADV-2007-4243", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/4243"}, {"name": "GLSA-200802-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200802-06.xml"}, {"name": "28123", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28123"}, {"name": "44137", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/44137"}, {"name": "1019103", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019103"}, {"name": "28944", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28944"}, {"name": "FEDORA-2008-1728", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148"}, {"name": "28538", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28538"}, {"name": "FEDORA-2008-1743", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html"}, {"name": "28981", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28981"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6350", "datePublished": "2007-12-14T20:00:00", "dateReserved": "2007-12-14T00:00:00", "dateUpdated": "2024-08-07T16:02:36.466Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:scponly:scponly:*:*:*:*:*:*:*:*", "matchCriteriaId": "117508D1-B46B-42BC-B782-FA07405AD92F", "versionEndIncluding": "4.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9103A4C8-9706-4C9A-872A-8655A3E2C33D", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C9647F5-2FA5-44ED-9D36-3C32BAB26CED", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "BDE94CA7-C407-4C32-A012-71547850CA64", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "9895B767-8B21-4992-9C78-BB682E50658C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks."}, {"lang": "es", "value": "scponly versiones 4.6 y anteriores, permite a los usuarios autenticados remotos omitir las restricciones previstas y ejecutar c\u00f3digo invocando subcomandos peligrosos incluyendo (1) unison, (2) rsync, (3) svn, y (4) svnserve, como es demostrado originalmente mediante la creaci\u00f3n de un repositorio Subversion (SVN) con ganchos (hooks) maliciosos, luego usando svn para desencadenar la ejecuci\u00f3n de esos ganchos (hooks)."}], "id": "CVE-2007-6350", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-14T20:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148"}, {"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=201726"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/44137"}, {"source": "cve@mitre.org", "url": "http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28123"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28538"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28944"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28981"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200802-06.xml"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1473"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26900"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019103"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/4243"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=201726"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/44137"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://scponly.cvs.sourceforge.net/scponly/scponly/SECURITY?view=markup"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28123"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28538"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28944"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28981"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200802-06.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1473"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26900"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/4243"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00546.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00595.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}, {"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}