Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0439

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0439
Last Modified 05 Sep 2008 04:24:06
Published 02 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0439

Summary

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Vulnerable Systems

Operating System

  • Conectiva Linux 4.0

  • Conectiva Linux 4.0es

  • Conectiva Linux 4.1

  • Conectiva Linux 4.2

  • Conectiva Linux 5.0

  • Freebsd 3.5.1

  • Freebsd 4.2

  • Mandrakesoft Mandrake Linux 7.1

  • Mandrakesoft Mandrake Linux 7.2

  • Mandrakesoft Mandrake Linux Corporate Server 1.0.1

  • Redhat Linux 7.0

Application

  • Licq 1.0.2


References

XF - licq-url-execute-commands(6261)

MANDRAKE - MDKSA-2001:032

CONECTIVA - CLA-2001:389

FREEBSD - FreeBSD-SA-01:35

REDHAT - RHSA-2001:023

REDHAT - RHSA-2001:022

OSVDB - 5641


Last Updated: 27 May 2016 10:36:16