Lucene search

[email protected]CVE-2002-1874

HistoryJun 28, 2005 - 4:00 a.m.

CVE-2002-1874

2005-06-2804:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2002-1874

astrocam.cgi

remote code execution

shell metacharacters

security vulnerability

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

83.0%

JSON

astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.

Affected configurations

NVD

Node

astrocamastrocamMatch0.9-1-1beta

astrocamastrocamMatch0.9-5-1beta

astrocamastrocamMatch0.9-7-3beta

astrocamastrocamMatch1.0.1beta

astrocamastrocamMatch1.4beta

CPENameOperatorVersion
astrocam:astrocamastrocameq0.9-1-1
astrocam:astrocamastrocameq0.9-5-1
astrocam:astrocamastrocameq0.9-7-3
astrocam:astrocamastrocameq1.0.1
astrocam:astrocamastrocameq1.4

CPE	Name	Operator	Version
astrocam:astrocam	astrocam	eq	0.9-1-1
astrocam:astrocam	astrocam	eq	0.9-5-1
astrocam:astrocam	astrocam	eq	0.9-7-3
astrocam:astrocam	astrocam	eq	1.0.1
astrocam:astrocam	astrocam	eq	1.4

References

astrocam.svn.sourceforge.net/viewvc/astrocam/BUGS?view=markup

securitytracker.com/id?1005523

www.iss.net/security_center/static/10538.php

www.securityfocus.com/bid/6105

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

83.0%

JSON

Related for CVE-2002-1874

cvelist1 nvd1