Computer Security
[EN] securityvulns.ru no-pyccku


netrik shell characters problems
Published:21.01.2007
Source:
SecurityVulns ID:7079
Type:client
Threat Level:
5/10
Description:Shell characters problem on temporary files creation.
Affected:NETRIK : netrik 1.15
CVE:CVE-2006-6678 (The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename.)
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution (21.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod