Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2009-3102

Published: 08/09/2009 Updated: 17/08/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Zmanda

Vulnerability Summary

The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x prior to 2.1.1 allows remote malicious users to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.

Vulnerable Product Search on Vulmon Subscribe to Product

zmanda zrm for my sql 2.1

References

CWE-20http://forums.zmanda.com/showthread.php?p=8068http://secunia.com/advisories/36424http://twitter.com/elegerov/statuses/3518763099http://twitter.com/elegerov/statuses/3547652507http://secunia.com/advisories/36429http://www.intevydis.com/blog/?p=51https://exchange.xforce.ibmcloud.com/vulnerabilities/52978https://exchange.xforce.ibmcloud.com/vulnerabilities/52977https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661open redirectCVE-2024-25512CVE-2024-33788command injectionSSTICVE-2024-0043CVE-2024-29210CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook