Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1278

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-1999-1278
Last Modified 05 Sep 2008 04:19:08
Published 25 Dec 1998 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1278

Summary

nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl.

Vulnerable Systems

Application

  • Nlog


References

XF - http-cgi-nlog-netbios(1550)

BUGTRAQ - 19981226 Nlog 1.1b released - security holes fixed

BUGTRAQ - 19981225 Re: Nlog v1.0 Released - Nmap 2.x log management / analyzing tool


Last Updated: 27 May 2016 10:35:22