Lucene search

[email protected]CVE-2001-0216

HistoryJun 02, 2001 - 4:00 a.m.

CVE-2001-0216

2001-06-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0216

pals library system

remote attackers

arbitrary commands

shell metacharacters

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.5%

JSON

PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.

Affected configurations

NVD

Node

mnscu_palswebpalsMatch1.0

CPENameOperatorVersion
mnscu_pals:webpalsmnscu pals webpalseq1.0

CPE	Name	Operator	Version
mnscu_pals:webpals	mnscu pals webpals	eq	1.0

References

archives.neohapsis.com/archives/bugtraq/2001-02/0220.html

www.securityfocus.com/bid/2372

exchange.xforce.ibmcloud.com/vulnerabilities/6102

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2001-0216

nvd1 cvelist1 nessus1