Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2559

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2559
Last Modified 05 Sep 2008 04:52:05
Published 16 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2559

Summary

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.

Vulnerable Systems

Application

  • E107


References

CONFIRM - http://e107plugins.co.uk/news.php

BUGTRAQ - 20050805 Vulnerability in ePing and eTrace plugins of e107


Last Updated: 27 May 2016 10:40:34