CVE-2011-0018

Published Jan 28, 2011

Last updated 3 months ago

CVSS info 9.0

Overview

Description: The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D9AA5BD-527B-4AE0-A66B-E579ECF113A2"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "626ACE32-D7A8-4F9E-8822-300AB0FB4FE3"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF9F2753-B0EE-4DFC-9896-121FF7FADD32"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54330895-0042-499C-9D48-D2E1AD426A7D"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42313F39-0548-4711-9FB3-4A66A263D1D5"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "411B294D-1C11-4EC6-8326-683458F64A32"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "782E68E5-23C5-4C66-93E5-B77788579969"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:beta7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49D7685E-948F-4D72-A90C-7FABE7C1A27B"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BEEF56A-43E8-4688-B01F-0205D16F0407"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F455998-FAE3-45F1-96AE-CE85553143DE"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5E3C68D-87FB-4A56-B5E2-CBAF23A7B6B1"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7079FE6-7B20-4020-8D9D-51068E806037"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:2.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C93EE7D-C554-4201-81D6-18EC14129850"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:2.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DDFA3A6-3999-40E5-A450-9FDA12EFE3FD"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:2.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4CF3880-3CA8-458A-B2A7-CC5BEEC8CBAB"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:2.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A4DADB9-67E9-4781-BEA0-D77E83EA71E6"
          },
          {
            "criteria": "cpe:2.3:a:openvas:openvas_manager:2.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC3CEA6C-1F84-49E6-B4D8-07E3697745ED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References