Computer Security
[EN] no-pyccku

netrik shell characters problems
SecurityVulns ID:7079
Threat Level:
Description:Shell characters problem on temporary files creation.
Affected:NETRIK : netrik 1.15
CVE:CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename.)
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution (21.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod