CVE-2005-1949

UNKNOWN

The eping_validaddr function in functions

Published Jun 14, 2005

Modified 1 years ago

Details

The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter.

References

WEB

http://e107plugins.co.uk/news.php

WEB

http://marc.info/?l=bugtraq&m=111835539312985&w=2

WEB

http://marc.info/?l=bugtraq&m=111868460811287&w=2

ADVISORY

http://secunia.com/advisories/15678

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2005-1949

CVSS Analysis

CVSS v2.0

7.5

Exploitability

Access Vector

NetworkAV:N

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

PartialC:P

Integrity

PartialI:P

Availability

PartialA:P

7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P

Ecosystems

Timeline

PublishedJun 14, 2005

ModifiedAug 7, 2024