Lucene search

[email protected]CVE-2001-0849

HistoryDec 06, 2001 - 5:00 a.m.

CVE-2001-0849

2001-12-0605:00:00

[email protected]

web.nvd.nist.gov

viralator

cve-2001-0849

code execution

wget call

cgi script

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.5%

JSON

viralator CGI script in Viralator 0.9pre1 and earlier allows remote attackers to execute arbitrary code via a URL for a file being downloaded, which is insecurely passed to a call to wget.

Affected configurations

NVD

Node

duncan_hallviralatorMatch0.7

duncan_hallviralatorMatch0.8

duncan_hallviralatorMatch0.9_pre1

CPENameOperatorVersion
duncan_hall:viralatorduncan hall viralatoreq0.7
duncan_hall:viralatorduncan hall viralatoreq0.8
duncan_hall:viralatorduncan hall viralatoreq0.9_pre1

CPE	Name	Operator	Version
duncan_hall:viralator	duncan hall viralator	eq	0.7
duncan_hall:viralator	duncan hall viralator	eq	0.8
duncan_hall:viralator	duncan hall viralator	eq	0.9_pre1

References

marc.info/?l=bugtraq&m=100463639800515&w=2

viralator.loddington.com/changes.html

www.securityfocus.com/bid/3495

exchange.xforce.ibmcloud.com/vulnerabilities/7440

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2001-0849

openvas2 nessus1 nvd1 cvelist1