CVE-2008-1319

VersantD service - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1319. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This entry is a writeup describing an arbitrary command execution vulnerability in Versant server versions <= 7.0.1.3. It references an external mirror for the exploit but does not contain actual exploit code.

Description

Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textremotewindows

https://www.exploit-db.com/exploits/5213

View Code ZIP pw:eip

This entry is a writeup describing an arbitrary command execution vulnerability in Versant server versions <= 7.0.1.3. It references an external mirror for the exploit but does not contain actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Versant server <= 7.0.1.3

No auth needed

Prerequisites: Network access to the target Versant server

MITRE ATT&CK