Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1456

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1456
Last Modified 05 Sep 2008 04:41:25
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1456

Summary

filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo.

Vulnerable Systems

Application

  • Cvstrac 1.1

  • Cvstrac 1.1.1

  • Cvstrac 1.1.2

  • Cvstrac 1.1.3


References

CERT-VN - VU#770816

CONFIRM - http://www.cvstrac.org/cvstrac/chngview?cn=316

SECUNIA - 12090

XF - cvstrac-command-execute(16929)

BID - 10878

OSVDB - 8373

CONFIRM - http://www.cvstrac.org/cvstrac/tktview?tn=339

BUGTRAQ - 20040805 CVStrac Remote Arbitrary Code Execution exploit


Last Updated: 27 May 2016 10:39:02