Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1044

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1044
Last Modified 07 Mar 2011 09:31:48
Published 07 Mar 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1044

Summary

Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603.

Vulnerable Systems

Application

  • Lsoft Listserv 14.3

  • Lsoft Listserv 14.4


References

CERT-VN - VU#841132

BID - 16951

BUGTRAQ - 20060304 Critical Risk Vulnerability in L-Soft Listserv

CONFIRM - http://www.lsoft.com/manuals/1.8e/relnotes/LISTSERV14.5-Release-Notes.html#wasecurityalert

SECTRACK - 1015722

VUPEN - ADV-2006-0824

XF - listserv-wa-cgi-bo(25168)

MISC - http://www.ngssoftware.com/advisories/listserv_3.txt

SECUNIA - 19106


Last Updated: 27 May 2016 10:41:54