Lucene search
HistorySep 16, 2005 - 8:03 p.m.
CVE-2005-2877
twiki
remote code execution
shell metacharacters
cve-2005-2877
nvd
7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.968 High
EPSS
Percentile
99.7%
The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers.
Related
saint
saint
TWiki revision control shell command injection
2006-04-06 00:00:00
TWiki revision control shell command injection
2006-04-06 00:00:00
TWiki revision control shell command injection
2006-04-06 00:00:00
checkpoint_advisories
checkpoint_advisories
TWiki rev Parameter Shell Command Injection (CVE-2005-2877)
2009-10-05 00:00:00
securityvulns
securityvulns
TWiki Remote Command Execution Vulnerability
2005-09-15 00:00:00
packetstorm
packetstorm
TWiki History TWikiUsers rev Parameter Command Execution
2010-02-23 00:00:00
nessus
nessus
TWiki 'rev' Parameter Arbitrary Command Execution
2005-09-15 00:00:00
ubuntucve
ubuntucve
CVE-2005-2877
2005-09-16 00:00:00
cert
cert
TWiki does not properly sanitize URI parameters
2005-09-20 00:00:00
7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.968 High
EPSS
Percentile
99.7%
Related for CVE-2005-2877