OPeNDAP BES Compressed Files Remote Command Execution Vulnerability

OPeNDAP BES is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input.

Exploiting this issue allows attackers to execute arbitrary commands or to upload files, all in the context of the server.

A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.

This issue affects BES versions prior to 3.5.0.


Privacy Statement
Copyright 2010, SecurityFocus