Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0849

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0849
Last Modified 05 Sep 2008 04:25:04
Published 06 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0849

Summary

viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.

Vulnerable Systems

Application

  • Duncan Hall Viralator 0.7

  • Duncan Hall Viralator 0.8

  • Duncan Hall Viralator 0.9 Pre1


References

XF - viralator-cgi-command-execution(7440)

BID - 3495

MISC - http://viralator.loddington.com/changes.html

BUGTRAQ - 20011101 Vulnerability in Viralator proxy extension


Last Updated: 27 May 2016 10:36:25