CVE-2006-3633

Published Jul 27, 2006

Last updated 7 years ago

Overview

Description: OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on the CVS server via shell metacharacters in a filename that is committed.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ossp:shiela:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB25CF9F-B80B-4ED1-A412-DB9CEC9702A5",
            "versionEndIncluding": "1.1.5"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:0.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E4ADD90-131F-4741-A844-3B2174BE70FF"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:0.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E8BD603-A42B-4256-90DA-57AEB6C9E50C"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A865B5B-747E-4291-A04B-BD7D62000971"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B31C1B50-381A-4821-B392-0DA9FA61A69A"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42E76393-336A-4FF7-BC73-6B580B619C76"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "782A6EF6-2997-45A7-BD58-159124FA2A26"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A93BF8B-61D2-4BC7-886A-1CBCDCFEA03F"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83BDB983-518D-4633-AADA-3950A89D2CEC"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09FBB3AE-46D7-4799-BD83-141B142F3642"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CA3FC26-F2A4-4C4F-B582-680A22084DF5"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDC9D8CF-3E8F-463D-963E-6BAE419B8E39"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC369D29-3A18-4C10-A73B-A264383F9EB0"
          },
          {
            "criteria": "cpe:2.3:a:ossp:shiela:1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40268639-EB96-44F8-A76B-10998992E58F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References