Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1993

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-1993
Last Modified 05 Sep 2008 04:32:02
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1993

Summary

webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter.

Vulnerable Systems

Application

  • Affordable Web Space Design Webbbs 4.0

  • Affordable Web Space Design Webbbs 4.1

  • Affordable Web Space Design Webbbs 4.10

  • Affordable Web Space Design Webbbs 4.11

  • Affordable Web Space Design Webbbs 4.12

  • Affordable Web Space Design Webbbs 4.2

  • Affordable Web Space Design Webbbs 4.20

  • Affordable Web Space Design Webbbs 4.21

  • Affordable Web Space Design Webbbs 4.22

  • Affordable Web Space Design Webbbs 4.30

  • Affordable Web Space Design Webbbs 4.31

  • Affordable Web Space Design Webbbs 4.32

  • Affordable Web Space Design Webbbs 4.33

  • Affordable Web Space Design Webbbs 5.0


References

BID - 5048

XF - webbs-followup-execute-commands(9378)

BUGTRAQ - 20020618 WebBBS 5.0 (andlater versions) vulnerable: allow commands execution via "followup" bug


Last Updated: 27 May 2016 10:37:34