Описание
Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q_Host parameter.
Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q_Host parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22522
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0107.html
- http://exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt
- http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff
- http://secunia.com/advisories/17078
- http://www.osvdb.org/19871
Связанные уязвимости
nvd
около 20 лет назад
Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q_Host parameter.