Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1949

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1949
Last Modified 05 Sep 2008 04:50:30
Published 16 Jun 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1949

Summary

The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.

Vulnerable Systems

Application

  • E107


References

BUGTRAQ - 20050610 Re: Arbitrary code execution in eping plugin

BUGTRAQ - 20050609 Arbitrary code execution in eping plugin

SECUNIA - 15678

CONFIRM - http://e107plugins.co.uk/news.php


Last Updated: 27 May 2016 10:40:21