CVE-2007-3621 Information

Description

Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote attackers to inject arbitrary shell commands via the (1) IN and (2) OUT parameters.

Reference

http://bestof.nerdvittles.com/applications/asteridex/ http://osvdb.org/37846 http://secunia.com/advisories/25965 http://securityreason.com/securityalert/2863 http://www.hoku.co.uk/advisories/asteridex.txt http://www.securityfocus.com/archive/1/472907/100/0/threaded http://www.securityfocus.com/bid/24781 http://www.vupen.com/english/advisories/2007/2446 https://exchange.xforce.ibmcloud.com/vulnerabilities/35270 https://www.exploit-db.com/exploits/4151