CVE-2010-3752
Openswan: Gateway arbitrary code execution via shell metacharacters in cisco_dns_info or cisco_domain_info data in packet
Severity Score
6.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_domain_info data in a packet, a different vulnerability than CVE-2010-3302.
programs/pluto/xauth.c en el cliente en Openswan v2.6.26 a v2.6.28 permite ejecutar, a gateways autenticados remotos, comandos de su elección a través de metacaracteres encubiertos en el campo cisco_banner (también conocido como server_banner). Se trata de una vulnerabilidad diferente a CVE-2010-3308.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-10-05 CVE Reserved
- 2010-10-05 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/43588 | Vdb Entry | |
http://www.securitytracker.com/id?1024749 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.openswan.org/download/CVE-2010-3302/CVE-2010-3302.txt | 2019-07-29 | |
http://www.redhat.com/support/errata/RHSA-2010-0892.html | 2019-07-29 | |
http://www.vupen.com/english/advisories/2010/2526 | 2019-07-29 | |
https://access.redhat.com/security/cve/CVE-2010-3752 | 2010-11-16 | |
https://bugzilla.redhat.com/show_bug.cgi?id=640711 | 2010-11-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.25 Search vendor "Xelerance" for product "Openswan" and version "2.6.25" | - |
Affected
| ||||||
Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.26 Search vendor "Xelerance" for product "Openswan" and version "2.6.26" | - |
Affected
| ||||||
Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.27 Search vendor "Xelerance" for product "Openswan" and version "2.6.27" | - |
Affected
| ||||||
Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.6.28 Search vendor "Xelerance" for product "Openswan" and version "2.6.28" | - |
Affected
|