Lucene search
MitreCVE-2002-1582HistoryDec 06, 2004 - 5:00 a.m.
CVE-2002-1582
2004-12-0605:00:00
mitre
web.nvd.nist.gov
25
cve-2002-1582
mailreader
sendmail
command execution
network.cgi
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
High
EPSS
0.014
Percentile
86.6%
compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi.
Affected configurations
Node
mailreader.commailreader.comMatch2.3.30
ORmailreader.commailreader.comMatch2.3.31
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mailreader.com | mailreader.com | 2.3.30 | cpe:2.3:a:mailreader.com:mailreader.com:2.3.30:*:*:*:*:*:*:* |
| mailreader.com | mailreader.com | 2.3.31 | cpe:2.3:a:mailreader.com:mailreader.com:2.3.31:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2002-1582
2004-07-06 04:00:00
nvd
nvd
CVE-2002-1582
2004-12-06 05:00:00
openvas
openvas
mailreader.com < 2.3.32 Multiple Vulnerabilities
2005-11-03 00:00:00
mailreader.com directory traversal and arbitrary command execution
2005-11-03 00:00:00
nessus
nessus
Mailreader 2.3.30 - 2.3.31 Multiple Vulnerabilities
2003-06-26 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
High
EPSS
0.014
Percentile
86.6%
Related for CVE-2002-1582