CVE-2007-5922

Published: Nov 10, 2007Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in November 2007, contains an externally introduced backdoor that e-mails sensitive information (hostnames, usernames, and shell history) to a fixed address.

Affected (2)

Products: Bitchx: Bitchx · Cypress: Cypress

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Bitchx Bitchx	All versions
Cypress Cypress	Version 1.0k

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://osvdb.org/42073

Source: cve@mitre.org

http://secunia.com/advisories/27556

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/483350/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/26372

Source: cve@mitre.org

http://osvdb.org/42073

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27556

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/483350/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/26372

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.