CVE-2006-1044

Sažetak

Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603.

Reference

http://secunia.com/advisories/19106
http://securitytracker.com/id?1015722
http://www.kb.cert.org/vuls/id/841132
http://www.lsoft.com/manuals/1.8e/relnotes/LISTSERV14.5-Release-Notes.html#wasecurityalert
http://www.ngssoftware.com/advisories/listserv_3.txt
http://www.securityfocus.com/archive/1/426770/100/0/threaded
http://www.securityfocus.com/bid/16951
http://www.vupen.com/english/advisories/2006/0824
https://exchange.xforce.ibmcloud.com/vulnerabilities/25168

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2018 - 16:30

Objavljeno

07-03-2006 - 11:02