CVE-2013-4983

Sažetak

The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.

Reference

http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities
http://www.sophos.com/en-us/support/knowledgebase/119773.aspx

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-10-2013 - 14:51

Objavljeno

10-09-2013 - 11:28