Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4641

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4641
Last Modified 03 Dec 2008 01:45:12
Published 21 Oct 2008 02:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4641

Summary

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.

Vulnerable Systems

Application

  • Sentex Jhead 1.2

  • Sentex Jhead 1.3

  • Sentex Jhead 1.4

  • Sentex Jhead 1.5

  • Sentex Jhead 1.6

  • Sentex Jhead 1.7

  • Sentex Jhead 1.8

  • Sentex Jhead 1.9

  • Sentex Jhead 2.0

  • Sentex Jhead 2.1

  • Sentex Jhead 2.2

  • Sentex Jhead 2.3

  • Sentex Jhead 2.4

  • Sentex Jhead 2.4-1

  • Sentex Jhead 2.4-2

  • Sentex Jhead 2.5

  • Sentex Jhead 2.6

  • Sentex Jhead 2.7

  • Sentex Jhead 2.8

  • Sentex Jhead 2.82


References

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/271020

BID - 31921

MLIST - [oss-security] 20081127 Re: CVE request: jhead

MLIST - [oss-security] 20081016 Re: CVE request: jhead

MLIST - [oss-security] 20081015 Re: CVE request: jhead

MLIST - [oss-security] 20081015 CVE request: jhead


Last Updated: 27 May 2016 10:48:34