Lucene search

[email protected]CVE-2004-0745

HistorySep 28, 2004 - 4:00 a.m.

CVE-2004-0745

2004-09-2804:00:00

[email protected]

web.nvd.nist.gov

cve-2004-0745

lha 1.14

arbitrary command execution

directory name

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.9%

JSON

LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name.

Affected configurations

NVD

Node

tsugio_okamotolhaRange≤1.14

CPENameOperatorVersion
tsugio_okamoto:lhatsugio okamoto lhale1.14

CPE	Name	Operator	Version
tsugio_okamoto:lha	tsugio okamoto lha	le	1.14

References

www.gentoo.org/security/en/glsa/glsa-200409-13.xml

www.redhat.com/support/errata/RHSA-2004-323.html

www.redhat.com/support/errata/RHSA-2004-440.html

bugzilla.fedora.us/show_bug.cgi?id=1833

exchange.xforce.ibmcloud.com/vulnerabilities/17198

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11088

Social References

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.9%

JSON

Related for CVE-2004-0745

nvd1 ubuntucve1 cvelist1 nessus7 gentoo1 openvas4 redhat2 freebsd1