Lucene search
MitreCVELIST:CVE-2005-0638HistoryMar 04, 2005 - 5:00 a.m.
CVE-2005-0638
2005-03-0405:00:00
mitre
www.cve.org
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
References
bugs.gentoo.org/show_bug.cgi?id=79762
secunia.com/advisories/14459
secunia.com/advisories/14462
security.gentoo.org/glsa/glsa-200503-05.xml
support.avaya.com/elmodocs2/security/ASA-2005-134_RHSA-2005-332.pdf
www.debian.org/security/2005/dsa-695
www.osvdb.org/14365
www.redhat.com/support/errata/RHSA-2005-332.html
www.securityfocus.com/archive/1/433935/30/5010/threaded
www.securityfocus.com/bid/12712
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10898
Related
centos
centos
xloadimage security update
2005-04-20 00:48:53
xloadimage security update
2005-04-19 20:36:56
nessus
nessus
Fedora Core 3 : xloadimage-4.1-34.FC3 (2005-237)
2005-09-12 00:00:00
FreeBSD : xloadimage -- arbitrary command execution when handling compressed files (310d0087-0fde-4929-a41f-96f17c5adffe)
2005-07-13 00:00:00
CentOS 3 : xloadimage (CESA-2005:332-01)
2013-06-29 00:00:00
debiancve
debiancve
CVE-2005-0638
2005-03-04 05:00:00
redhat
redhat
(RHSA-2005:332) xloadimage security update
2005-04-19 00:00:00
cve
cve
CVE-2005-0638
2005-03-04 05:00:00
openvas
openvas
FreeBSD Ports: xli
2008-09-04 00:00:00
FreeBSD Ports: xli
2008-09-04 00:00:00
Debian: Security Advisory (DSA-694-1)
2008-01-17 00:00:00
freebsd
freebsd
xloadimage -- arbitrary command execution when handling compressed files
2005-02-18 00:00:00
nvd
nvd
CVE-2005-0638
2005-03-02 05:00:00
ubuntucve
ubuntucve
CVE-2005-0638
2005-03-02 00:00:00
osv
osv
xloadimage - missing input sanitising, integer overflow
2005-03-21 00:00:00
xli - buffer overflow, input sanitising, integer overflow
2005-03-21 00:00:00
debian
debian
[SECURITY] [DSA 694-1] New xloadimage packages fix several vulnerabilities
2005-03-21 10:14:23
[SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities
2005-03-21 14:09:27
[SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities
2005-03-21 14:09:27
gentoo
gentoo
xli, xloadimage: Multiple vulnerabilities
2005-03-02 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities
2005-03-22 00:00:00