Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0130

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0130
Last Modified 05 Sep 2008 04:45:24
Published 14 Apr 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0130

Summary

Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC sripts.

Vulnerable Systems

Application

  • Berlios Konversation 0.15


References

BUGTRAQ - 20050119 Multiple vulnerabilities in Konversation

XF - konversation-perlscript-execute-code(19008)

BID - 12312

CONFIRM - http://www.kde.org/info/security/advisory-20050121-1.txt

GENTOO - GLSA-200501-34

SECTRACK - 1012972

SECUNIA - 13989

SECUNIA - 13919


Last Updated: 27 May 2016 10:39:40