Computer Security
[EN] securityvulns.ru no-pyccku


Fujitsu-Siemens ServerView code execution
Published:04.07.2007
Source:
SecurityVulns ID:7888
Type:remote
Threat Level:
5/10
Description:Shell characters filtering problem in Web interface "ping" CGI script.
Affected:FUJITSUSIEMENS : ServerView 4.50
CVE:CVE-2007-3011 (The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter.)
Original documentdocumentRedTeam Pentesting, [Full-disclosure] Fujitsu-Siemens ServerView Remote Command Execution (04.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod