CVE-2007-5922

{"id": "CVE-2007-5922", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-11-10T02:46:00.000", "references": [{"url": "http://osvdb.org/42073", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27556", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/483350/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26372", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/42073", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27556", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/483350/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26372", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostnames, usernames, and shell history) to a fixed address."}, {"lang": "es", "value": "El modules/mdop.m en la secuencia de comandos Cypress 1.0k para el BitchX, como la descargada en el sitio de distribuci\u00f3n en Noviembre de 2007, contiene una puerta trasera introducida externamente, que env\u00eda un correo electr\u00f3nico con informaci\u00f3n sensible (nombre de host, nombre de usuarios y el hist\u00f3rico del shell) a una direcci\u00f3n determinada."}], "lastModified": "2024-11-21T00:38:57.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bitchx:bitchx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27E8D691-59CD-4C35-8FB0-3B41A6858984"}, {"criteria": "cpe:2.3:a:cypress:cypress:1.0k:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8046282-5569-415A-A385-07AF27365803"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}