Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3195

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2011-3195
Last Modified 21 Mar 2014 10:37:56
Published 21 Mar 2014 12:38:51
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3195

Summary

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

Vulnerable Systems

Application

  • Gplhost Domain Technologie Control 0.24.6

  • Gplhost Domain Technologie Control 0.25.1

  • Gplhost Domain Technologie Control 0.25.2

  • Gplhost Domain Technologie Control 0.25.3

  • Gplhost Domain Technologie Control 0.26.7

  • Gplhost Domain Technologie Control 0.26.8

  • Gplhost Domain Technologie Control 0.26.9

  • Gplhost Domain Technologie Control 0.27.3

  • Gplhost Domain Technologie Control 0.28.10

  • Gplhost Domain Technologie Control 0.28.2

  • Gplhost Domain Technologie Control 0.28.3

  • Gplhost Domain Technologie Control 0.28.4

  • Gplhost Domain Technologie Control 0.28.6

  • Gplhost Domain Technologie Control 0.28.9

  • Gplhost Domain Technologie Control 0.29.1

  • Gplhost Domain Technologie Control 0.29.10

  • Gplhost Domain Technologie Control 0.29.14

  • Gplhost Domain Technologie Control 0.29.15

  • Gplhost Domain Technologie Control 0.29.16

  • Gplhost Domain Technologie Control 0.29.17

  • Gplhost Domain Technologie Control 0.29.6

  • Gplhost Domain Technologie Control 0.29.8

  • Gplhost Domain Technologie Control 0.30.10

  • Gplhost Domain Technologie Control 0.30.18

  • Gplhost Domain Technologie Control 0.30.20

  • Gplhost Domain Technologie Control 0.30.6

  • Gplhost Domain Technologie Control 0.30.8

  • Gplhost Domain Technologie Control 0.32.1

  • Gplhost Domain Technologie Control 0.32.11

  • Gplhost Domain Technologie Control 0.32.2

  • Gplhost Domain Technologie Control 0.32.3

  • Gplhost Domain Technologie Control 0.32.4

  • Gplhost Domain Technologie Control 0.32.5

  • Gplhost Domain Technologie Control 0.32.6

  • Gplhost Domain Technologie Control 0.32.7


References

CONFIRM - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637477

MLIST - [oss-security] 20110824 Re: Re: CVE request: multiple vulnerabilities in dtc

MLIST - [oss-security] 20110813 Re: CVE request: multiple vulnerabilities in dtc

DEBIAN - DSA-2365

CONFIRM - http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3


Last Updated: 27 May 2016 10:55:16