Lucene search
HistoryJul 19, 2005 - 4:00 a.m.
CVE-2004-2284
information security
vulnerability
cve-2004-2284
openwebmail
remote execution
shell metacharacters
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
High
0.024 Low
EPSS
Percentile
89.9%
The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument.
Affected configurations
Node
open_webmailopen_webmailMatch1.7
ORopen_webmailopen_webmailMatch1.8
ORopen_webmailopen_webmailMatch1.71
ORopen_webmailopen_webmailMatch1.81
ORopen_webmailopen_webmailMatch1.90
ORopen_webmailopen_webmailMatch2.20
ORopen_webmailopen_webmailMatch2.21
ORopen_webmailopen_webmailMatch2.30
ORopen_webmailopen_webmailMatch2.31
ORopen_webmailopen_webmailMatch2.32
Related
openvas
openvas
Open WebMail vacation.pl Arbitrary Command Execution
2005-11-03 00:00:00
Open WebMail vacation.pl Arbitrary Command Execution
2005-11-03 00:00:00
nvd
nvd
CVE-2004-2284
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-2284
2005-07-19 04:00:00
nessus
nessus
Open WebMail vacation.pl Arbitrary Command Execution
2004-07-06 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
High
0.024 Low
EPSS
Percentile
89.9%
Related for CVE-2004-2284