SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#659148

OPeNDAP arbitrary command execution vulnerability

Overview

The BES daemon in OPeNDAP server version 4 contains a vulnerability. This vulnerability may allow an attacker to execute arbitrary commands, or upload files to a remote server.

I. Description

OPeNDAP is a software package designed to help researchers exchange data sets that are stored in different formats. The most recent version of OPeNDAP is server 4, or Hyrax. The Hyrax server includes a daemon called BES.

From the BES download page:


    BES is a new, high-performance back-end server software framework that allows data providers more flexibility in providing end users views of their data. The current OPeNDAP data objects (DAS, DDS, and DataDDS) are still supported, but now data providers can add new data views, provide new functionality, and new features to their end users through the BES modular design. Providers can add new data handlers, new data objects/views, the ability to define views with constraints and aggregation, the ability to add reporting mechanisms, initialization hooks, and more.
The BES server improperly sanitizes data supplied in compressed files. An attacker may be able to exploit this vulnerability by sending a specially crafted compressed file to a vulnerable server.

II. Impact

An attacker to execute arbitrary commands on a vulnerable server.

III. Solution

Upgrade

BES 3.5.0 has been released to address this issue. Administrators are encouraged to upgrade as soon as possible.

Restrict access

Limiting network access to the BES daemon may prevent a remote attacker from exploiting this vulnerability. See BES installation guide for more details.

Systems Affected

VendorStatusDate NotifiedDate Updated
OPeNDAP, Inc.Vulnerable18-May-2007

References


http://www.opendap.org/download/BES.html
http://www.opendap.org/security.html
http://docs.opendap.org/index.php/Hyrax_1.2:_BES_Installation#Install
http://secunia.com/advisories/25319/

Credit

Thanks to NCIRT labs for reporting this vulnerability.

This document was written by Ryan Giobbi.

Other Information

Date Public:2007-05-14
Date First Published:2007-05-18
Date Last Updated:2007-05-21
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Metric:2.42
Document Revision:16

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2007 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader