Описание
importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands via shell metacharacters in the dir parameter, and possibly allows remote attackers to exploit this vulnerability via a separate XSS issue (CVE-2002-1315).
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:iplanet:iplanet_web_server:4.1:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp1:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp2:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp3:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp4:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp5:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp6:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp7:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp8:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp9:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp10:*:*:*:*:*:*:*
cpe:2.3:a:iplanet:iplanet_web_server:4.1_sp11:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01353
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands via shell metacharacters in the dir parameter, and possibly allows remote attackers to exploit this vulnerability via a separate XSS issue (CVE-2002-1315).
EPSS
Процентиль: 79%
0.01353
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other