Lucene search

[email protected]CVE-2005-0436

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0436

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

code injection

vulnerability

awstats

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.3%

JSON

Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter.

CPENameOperatorVersion
awstats:awstatsawstatseq6.3
awstats:awstatsawstatseq6.4

CPE	Name	Operator	Version
awstats:awstats	awstats	eq	6.3
awstats:awstats	awstats	eq	6.4

References

secunia.com/advisories/14299

www.osvdb.org/13832

www.securityfocus.com/archive/1/390368

exchange.xforce.ibmcloud.com/vulnerabilities/19336

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.3%

JSON

Related for CVE-2005-0436

debiancve1 ubuntucve1 securityvulns1 nessus3 openvas2 freebsd1