- Description
- Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Comment
- -
- Impact
- -
- Solution
- -
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:iron_bars_shell:iron_bars_shell:0.3a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24242D6A-941E-4E0C-A750-70914C477D8C"
},
{
"criteria": "cpe:2.3:a:iron_bars_shell:iron_bars_shell:0.3b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FDAC396-66E7-471E-B04D-554DCC738519"
},
{
"criteria": "cpe:2.3:a:iron_bars_shell:iron_bars_shell:0.3c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4B785B4-EA51-4A6F-9B63-3819566C5109"
}
],
"operator": "OR"
}
]
}
]