Lucene search
HistoryMay 12, 2003 - 4:00 a.m.
CVE-2003-0205
cve-2003-0205
gkrellm
newsticker
plugin
remote attackers
arbitrary commands
shell metacharacters
security vulnerability
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.0%
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
Affected configurations
Node
gkrellm_newstickergkrellm_newstickerMatch0.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| gkrellm_newsticker:gkrellm_newsticker | gkrellm newsticker | eq | 0.3 |
Related
cvelist
cvelist
CVE-2003-0205
2003-04-26 04:00:00
nvd
nvd
CVE-2003-0205
2003-05-12 04:00:00
debian
debian
openvas
openvas
Debian: Security Advisory (DSA-294)
2008-01-17 00:00:00
Debian Security Advisory DSA 294-1 (gkrellm-newsticker)
2008-01-17 00:00:00
securityvulns
securityvulns
Security problems in gkrellm-newsticker
2003-04-23 00:00:00
osv
osv
gkrellm-newsticker - missing quoting, incomplete parser
2003-04-23 00:00:00
nessus
nessus
Debian DSA-294-1 : gkrellm-newsticker - missing quoting, incomplete parser
2004-09-29 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.0%
Related for CVE-2003-0205