PT-2000-1623 · Auction Weaver · Auction Weaver Cgi Script

Publicado

2000-10-20

Atualizado

2008-09-10

CVE-2000-0690

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Auction Weaver CGI script versions 1.02 and earlier

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.

Recommendations For Auction Weaver CGI script versions 1.02 and earlier, avoid using the fromfile parameter until the issue is resolved. As a temporary workaround, consider restricting access to the vulnerable CGI script to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2000-0690

Produtos afetados

Auction Weaver Cgi Script

PT-2000-1623 · Auction Weaver · Auction Weaver Cgi Script

CVE-2000-0690

Identificadores relacionados

Produtos afetados

Referências · 4