Lucene search

[email protected]CVE-2005-1738

HistoryMay 24, 2005 - 4:00 a.m.

CVE-2005-1738

2005-05-2404:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1738

format string vulnerability

delbadfiles.c

iron bars shell

ibsh

syslog call

arbitrary code

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

JSON

Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to “access files outside the home directory” and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.

Affected configurations

NVD

Node

iron_bars_shelliron_bars_shellMatch0.3a

iron_bars_shelliron_bars_shellMatch0.3b

iron_bars_shelliron_bars_shellMatch0.3c

CPENameOperatorVersion
iron_bars_shell:iron_bars_shelliron bars shelleq0.3a
iron_bars_shell:iron_bars_shelliron bars shelleq0.3b
iron_bars_shell:iron_bars_shelliron bars shelleq0.3c

CPE	Name	Operator	Version
iron_bars_shell:iron_bars_shell	iron bars shell	eq	0.3a
iron_bars_shell:iron_bars_shell	iron bars shell	eq	0.3b
iron_bars_shell:iron_bars_shell	iron bars shell	eq	0.3c

References

secunia.com/advisories/15473

sourceforge.net/project/shownotes.php?release_id=329340

www.securityfocus.com/bid/13720

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

JSON

Related for CVE-2005-1738

cvelist1 nvd1