Published: 07/06/2016 Updated: 09/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Apache James Server 2.3.2, when configured with file-based user repositories, allows malicious users to execute arbitrary system commands via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache james server 2.3.2

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::CmdStager def initialize(info={}) super(update_info(info, 'Name' ...

CWE-78 http://packetstormsecurity.com/files/133798/Apache-James-Server-2.3.2-Arbitrary-Command-Execution.html http://www.openwall.com/lists/oss-security/2015/09/30/7 http://www.openwall.com/lists/oss-security/2015/10/01/2 https://blogs.apache.org/james/entry/apache_james_server_2_3 http://www.securityfocus.com/archive/1/536575/100/0/threaded http://packetstormsecurity.com/files/156463/Apache-James-Server-2.3.2-Insecure-User-Creation-Arbitrary-File-Write.html https://nvd.nist.gov https://www.exploit-db.com/exploits/48130

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-7611

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect