Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5922

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5922
Last Modified 15 Nov 2008 02:02:40
Published 09 Nov 2007 09:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5922

Summary

The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostnames, usernames, and shell history) to a fixed address.

Vulnerable Systems

Application

  • Bitchx

  • Cypress 1.0k


References

BID - 26372

BUGTRAQ - 20071106 Cypress BX script backdoored?

SECUNIA - 27556

OSVDB - 42073


Last Updated: 27 May 2016 10:46:19