Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2334

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-2334
Last Modified 05 Sep 2008 04:51:30
Published 20 Jul 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2334

Summary

Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.

Vulnerable Systems

Application

  • Y.sak


References

SECTRACK - 1014502

BID - 14299


Last Updated: 27 May 2016 10:40:28