Lucene search

K

[email protected]CVE-2008-0932

HistoryFeb 25, 2008 - 9:44 p.m.

CVE-2008-0932

2008-02-2521:44:00

CWE-20

[email protected]

web.nvd.nist.gov

31

cve-2008-0932

diatheke.pl

the sword project

remote command execution

security vulnerability

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.1%

diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.

CPENameOperatorVersion
the_sword_project:diatheke_front_endthe sword project diatheke front endle1.5.9
the_sword_project:swordthe sword project swordle1.5.9

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=466449

secunia.com/advisories/25400

secunia.com/advisories/29012

secunia.com/advisories/29115

secunia.com/advisories/29181

security.gentoo.org/glsa/glsa-200803-06.xml

www.debian.org/security/2008/dsa-1508

www.securityfocus.com/bid/27874

www.securityfocus.com/bid/27987

www.vupen.com/english/advisories/2008/0670/references

bugzilla.redhat.com/show_bug.cgi?id=433723

www.redhat.com/archives/fedora-package-announce/2008-February/msg00769.html

www.redhat.com/archives/fedora-package-announce/2008-February/msg00806.html

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.1%

Related for CVE-2008-0932

prion1 openvas8 nessus4 securityvulns4 debiancve1 osv1 ubuntucve1 redhatcve1 debian1 gentoo1