CVE-2007-0882

EPSS 90.96% · P100 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-0882

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Sun Solaris Telnet服务远程绕过认证漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris 10的TELNET服务在处理畸形的认证数据时存在漏洞，远程攻击者可能利用此漏洞绕过认证获得访问。 Solaris 10的Telnet守护进程未经检查将用户可能提交的畸形参数直接传递给login进程处理，login进程由此执行非预期的用户身份切换操作。这可能允许用户无需口令便可以某些特权用户权限登录到系统，获得完全的系统访问，如果系统未能对root用户登录位置作限制，获取root用户访问也是可能的。目前这个漏洞正在被积极的利

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-0882

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-0882

请登录查看更多情报信息。

http://isc.sans.org/diary.html?storyid=2220x_refsource_MISC
http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.htmlx_refsource_MISC
http://osvdb.org/31881vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/22512vdb-entryx_refsource_BID
http://secunia.com/advisories/24120third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1vendor-advisoryx_refsource_SUNALERT
http://www.securitytracker.com/id?1017625vdb-entryx_refsource_SECTRACK
http://www.us-cert.gov/cas/techalerts/TA07-059A.htmlthird-party-advisoryx_refsource_CERT
http://www.kb.cert.org/vuls/id/881872third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2007/0560vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2202vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/32434vdb-entryx_refsource_XF
http://seclists.org/fulldisclosure/2007/Feb/0217.htmlmailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/460086/100/100/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/459843/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/460103/100/100/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/459831/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/459855/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/459980/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-0882

Same Patch Batch · n/a · 2007-02-12 · 44 CVEs total

CVE-2007-0875		mcRefer SQL注入漏洞
CVE-2006-6998		Headstart Solutions DeskPRO 'loader_help.php'信息泄露漏洞
CVE-2007-0877		March Networks DVR 3000和4000 Digital Video Recorders未明漏洞
CVE-2006-6999		Headstart Solutions DeskPRO 'attachment.php'任意文件读取漏洞
CVE-2006-6993		Neuron Blog 'pages/addcomment2.php'SQL注入漏洞
CVE-2006-6994		OzzyWork Gallery add.asp无限制文件上传漏洞
CVE-2006-6995		V3 Chat mycontacts.php权限提升漏洞
CVE-2006-6996		warforge.NEWS 多个跨站脚本攻击漏洞
CVE-2006-6997		MailEnable Standard Edition密码特征未明漏洞
CVE-2005-4828		Kolab Server本地漏洞
CVE-2007-0876		Qdig QWD 高级URI跨站脚本攻击漏洞
CVE-2007-0874		Allons_voter 多个认证绕过漏洞
CVE-2007-0873		Nabopoll survey.inc.php远程文件包含漏洞
CVE-2007-0872		Mozilla Firefox Plain Old Webserver (POW) 附加装置目录遍历漏洞
CVE-2007-0871		eXtremePow eXtreme File Hosting无限制文件上传漏洞
CVE-2006-7002		Wheatblog (wB) 'add_comment.php' 跨站脚本攻击漏洞
CVE-2006-7001		PhpMyChat Plus 'avatar.php'目录遍历漏洞
CVE-2007-0885		Rainbow 'BrowseProject.jsp'跨站脚本攻击漏洞
CVE-2007-0884		Roaring Penguin Software MIMEDefang远程缓冲区溢出漏洞
CVE-2007-0883		IP3 NetAccess远程目录遍历漏洞

Showing top 20 of 44 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2007-0882

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-0882

I. Basic Information for CVE-2007-0882

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2007-0882

III. Intelligence Information for CVE-2007-0882

Same Patch Batch · n/a · 2007-02-12 · 44 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2007-0882

Leave a comment