CVE-2005-4699

2006-02-0120:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.009

Percentile

82.3%

JSON

Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via “–” style options in the q_Host parameter.

References

archives.neohapsis.com/archives/fulldisclosure/2005-10/0107.html

exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt

kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff

secunia.com/advisories/17078

www.osvdb.org/19871

exchange.xforce.ibmcloud.com/vulnerabilities/22522