CVE-2013-4267 - OpenCVE

Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) module (plugins/access.fs/class.fsAccessWrapper.php), or the (3) revision parameter to the Subversion Repository module (plugins/meta.svn/class.SvnManager.php).

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Pydio	Pydio

Configuration 1 [-]

cpe:2.3:a:pydio:pydio:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2013/08/21/16	Mailing List Third Party Advisory
https://github.com/pydio/pydio-core/commit/22a62840e5ac14bb389	Patch Third Party Advisory
https://www.tenable.com/plugins/nessus/70495	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2020-02-11T03:58:09

Updated: 2020-02-11T03:58:09

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4267

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-02-11T12:15:11.507

Modified: 2020-02-12T19:54:08.047

Link: CVE-2013-4267

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"containers": {"cna": {"affected": [{"product": "Ajaxeplorer", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 5.0.1"}]}], "datePublic": "2013-06-24T00:00:00", "descriptions": [{"lang": "en", "value": "Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) module (plugins/access.fs/class.fsAccessWrapper.php), or the (3) revision parameter to the Subversion Repository module (plugins/meta.svn/class.SvnManager.php)."}], "problemTypes": [{"descriptions": [{"description": "Metacharacters", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-11T03:58:09", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2013/08/21/16"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/pydio/pydio-core/commit/22a62840e5ac14bb389"}, {"tags": ["x_refsource_MISC"], "url": "https://www.tenable.com/plugins/nessus/70495"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4267", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Ajaxeplorer", "version": {"version_data": [{"version_value": "before 5.0.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) module (plugins/access.fs/class.fsAccessWrapper.php), or the (3) revision parameter to the Subversion Repository module (plugins/meta.svn/class.SvnManager.php)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Metacharacters"}]}]}, "references": {"reference_data": [{"name": "http://www.openwall.com/lists/oss-security/2013/08/21/16", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2013/08/21/16"}, {"name": "https://github.com/pydio/pydio-core/commit/22a62840e5ac14bb389", "refsource": "MISC", "url": "https://github.com/pydio/pydio-core/commit/22a62840e5ac14bb389"}, {"name": "https://www.tenable.com/plugins/nessus/70495", "refsource": "MISC", "url": "https://www.tenable.com/plugins/nessus/70495"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4267", "datePublished": "2020-02-11T03:58:09", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2020-02-11T03:58:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pydio:pydio:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2CEDC27-F583-4619-9FDA-0C152BF7B953", "versionEndExcluding": "5.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) module (plugins/access.fs/class.fsAccessWrapper.php), or the (3) revision parameter to the Subversion Repository module (plugins/meta.svn/class.SvnManager.php)."}, {"lang": "es", "value": "Ajaxeplorer versiones anteriores a 5.0.1, permite a atacantes remotos ejecutar comandos arbitrarios por medio de metacaracteres de shell en el (1) par\u00e1metro archive_name en el m\u00f3dulo Power FS (archivo plugins/action.powerfs/class.PowerFSController.php), un (2) nombre de archivo en la funci\u00f3n getTrustSizeOnFileSystem en el m\u00f3dulo File System (Standard) (archivo plugins/access.fs/class.fsAccessWrapper.php), o el par\u00e1metro revision (3) en el m\u00f3dulo Subversion Repository (archivo plugins/meta.svn/class.SvnManager.php)."}], "id": "CVE-2013-4267", "lastModified": "2020-02-12T19:54:08.047", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-11T12:15:11.507", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2013/08/21/16"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/pydio/pydio-core/commit/22a62840e5ac14bb389"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/plugins/nessus/70495"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}