VDB
CNVD-2017-26163
CNVD-2017-26163
PUBLISHED
Supervisor是一个Python开发的client/server系统,可以管理和监控类UNIX操作系统上面的进程。它可以同时启动,关闭多个进程。 Supervisor存在远程命令执行漏洞。允许远程用户通过一个特制的XML-RPC请求执行任意命。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Sep 6, 2011 CVE Published
- Sep 25, 2017 PoC Published
- May 29, 2018 PoC Published
- Oct 9, 2020 PoC Published
- Dec 14, 2024 PoC Published
- Dec 15, 2024 PoC Published
- Dec 25, 2024 PoC Published
- Dec 26, 2024 PoC Published
- Dec 28, 2024 PoC Published
- Dec 30, 2024 PoC Published
- Jan 3, 2025 PoC Published
- Jan 6, 2025 PoC Published
References
- RHSA-2017:3005 vendor-advisory
- https://github.com/Supervisor/supervisor/blob/3.3.3/CHANGES.txt url
- https://github.com/Supervisor/supervisor/blob/3.0.1/CHANGES.txt url
- https://github.com/Supervisor/supervisor/blob/3.2.4/CHANGES.txt url
- FEDORA-2017-307eab89e1 vendor-advisory
- FEDORA-2017-85eb9f7a36 vendor-advisory
- https://github.com/Supervisor/supervisor/blob/3.1.4/CHANGES.txt url
- FEDORA-2017-713430fb15 vendor-advisory
- DSA-3942 vendor-advisory
- https://github.com/Supervisor/supervisor/issues/964 url
- 42779 exploit
- GLSA-201709-06 vendor-advisory