Lucene search
HistoryFeb 13, 2005 - 5:00 a.m.
CVE-2004-1456
cvstrac
cve-2004-1456
remote command execution
rcsinfo
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.876 High
EPSS
Percentile
98.7%
filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo.
Affected configurations
Node
cvstraccvstracMatch1.1
ORcvstraccvstracMatch1.1.1
ORcvstraccvstracMatch1.1.2
ORcvstraccvstracMatch1.1.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| cvstrac:cvstrac | cvstrac | eq | 1.1 |
| cvstrac:cvstrac | cvstrac | eq | 1.1.1 |
| cvstrac:cvstrac | cvstrac | eq | 1.1.2 |
| cvstrac:cvstrac | cvstrac | eq | 1.1.3 |
Related
cvelist
cvelist
CVE-2004-1456
2005-02-13 05:00:00
nvd
nvd
CVE-2004-1456
2004-12-31 05:00:00
openvas
openvas
CVSTrac filediff vulnerability
2005-11-03 00:00:00
CVSTrac filediff vulnerability
2005-11-03 00:00:00
nessus
nessus
CVSTrac filediff Arbitrary Remote Code Execution
2004-08-09 00:00:00
checkpoint_advisories
checkpoint_advisories
CVSTrac FileDiff v2 Parameter Command Execution - Ver2 (CVE-2004-1456)
2015-03-26 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.876 High
EPSS
Percentile
98.7%
Related for CVE-2004-1456