• info
• discussion
• exploit
• solution
• references

OPeNDAP Server3 Remote Command Execution Vulnerability

Solution:
The vendor states that Hyrax (Server4) is not vulnerable to this issue. The vendor has also released a patch for Server3 software. Please see the references for more information.


OPeNDAP Server3 3.2.10

• OPeNDAP server3-patch-04.27.2007.txt
  http://www.opendap.org/server3-patch-04.27.2007.txt

OPeNDAP Server3 3.7.4

• OPeNDAP server3-patch-04.27.2007.txt
  http://www.opendap.org/server3-patch-04.27.2007.txt