Lucene search

[email protected]CVE-2002-0306

HistoryMay 31, 2002 - 4:00 a.m.

CVE-2002-0306

2002-05-3104:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0306

ans.pl

ans 2.11

remote attack

arbitrary commands

shell metacharacters

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

ans.pl in Avenger’s News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter.

Affected configurations

NVD

Node

avengers_news_systemavengers_news_systemMatch2.01

avengers_news_systemavengers_news_systemMatch2.11

CPENameOperatorVersion
avengers_news_system:avengers_news_systemavengers news systemeq2.01
avengers_news_system:avengers_news_systemavengers news systemeq2.11

CPE	Name	Operator	Version
avengers_news_system:avengers_news_system	avengers news system	eq	2.01
avengers_news_system:avengers_news_system	avengers news system	eq	2.11

References

marc.info/?l=bugtraq&m=101430868616112&w=2

www.securityfocus.com/bid/4149

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for CVE-2002-0306

cvelist1 nvd1