Vulnerability CVE-2006-0777
Published: 2006-02-18   Modified: 2012-02-12

Description:
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters.

See advisories in our WLB2 database:
Topic
Author
Date
High
Guestex Shell Command Execution Vulnerability
alex evuln com
25.02.2006

Type:

CWE-Other

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Teca scripts -> Guestex 

 References:
http://securityreason.com/securityalert/489
http://www.evuln.com/vulns/76/summary.html
http://www.securityfocus.com/archive/1/425970/100/0/threaded
http://www.securityfocus.com/bid/16711
http://www.vupen.com/english/advisories/2006/0640
https://exchange.xforce.ibmcloud.com/vulnerabilities/24645
Copyright 2024, cxsecurity.com

 

Back to Top