Computer Security
[EN] securityvulns.ru no-pyccku


unp shell characters security vulnerability
Published:09.01.2008
Source:
SecurityVulns ID:8549
Type:local
Threat Level:
4/10
Description:shell characters vulnerability thorugh filenames.
Affected:UNP : unp 1.0
CVE:CVE-2007-6610 (unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product.)
Original documentdocumentGENTOO, [Full-disclosure] [ GLSA 200801-01 ] unp: Arbitrary command execution (09.01.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod