Lucene search

[email protected]CVE-2006-1044

HistoryMar 07, 2006 - 11:02 a.m.

CVE-2006-1044

2006-03-0711:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1044

buffer overflows

listserv

remote code execution

web archive interface

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.254 Low

EPSS

Percentile

96.6%

JSON

Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603.

CPENameOperatorVersion
lsoft:listservlsoft listserveq14.4
lsoft:listservlsoft listserveq14.3

CPE	Name	Operator	Version
lsoft:listserv	lsoft listserv	eq	14.4
lsoft:listserv	lsoft listserv	eq	14.3

References

secunia.com/advisories/19106

securitytracker.com/id?1015722

www.kb.cert.org/vuls/id/841132

www.lsoft.com/manuals/1.8e/relnotes/LISTSERV14.5-Release-Notes.html#wasecurityalert

www.ngssoftware.com/advisories/listserv_3.txt

www.securityfocus.com/archive/1/426770/100/0/threaded

www.securityfocus.com/bid/16951

www.vupen.com/english/advisories/2006/0824

exchange.xforce.ibmcloud.com/vulnerabilities/25168

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.254 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2006-1044

nessus1 prion1 cert1