Lucene search

[email protected]CVE-2003-1405

HistoryOct 20, 2007 - 10:00 a.m.

CVE-2003-1405

2007-10-2010:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2003-1405

dotbr 0.1

remote attackers

arbitrary shell commands

exec.php3

system.php3

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3.

Affected configurations

NVD

Node

dotbrbotbrMatch0.1

CPENameOperatorVersion
dotbr:botbrdotbr botbreq0.1

CPE	Name	Operator	Version
dotbr:botbr	dotbr botbr	eq	0.1

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html

www.osvdb.org/5089

www.osvdb.org/5090

www.securityfocus.com/bid/6866

www.securityfocus.com/bid/6867

exchange.xforce.ibmcloud.com/vulnerabilities/11355

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2003-1405

cvelist1 nvd1