CVE-2006-6678

The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4
http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183	Patch
http://www.debian.org/security/2007/dsa-1251
http://secunia.com/advisories/23822
http://www.securityfocus.com/bid/22158
http://www.vupen.com/english/advisories/2006/5092

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:netrik:netrik::::::::
	cpe:2.3:a:netrik:netrik:1.15.2:::::::*

Information

Published : 2006-12-20 17:28

Updated : 2011-03-07 18:46

NVD link : CVE-2006-6678

Mitre link : CVE-2006-6678

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

netrik

netrik

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4", "name": "http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4", "tags": [], "refsource": "MISC"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183", "name": "http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2007/dsa-1251", "name": "DSA-1251", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/23822", "name": "23822", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/22158", "name": "22158", "tags": [], "refsource": "BID"}, {"url": "http://www.vupen.com/english/advisories/2006/5092", "name": "ADV-2006-5092", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-6678", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2006-12-21T01:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:netrik:netrik:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.15.4"}, {"cpe23Uri": "cpe:2.3:a:netrik:netrik:1.15.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T02:46Z"}