|
|
CVE Reference: CVE-2006-2548 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2548 |
|
|
Description: Prodder before 0.5, and perlpodder before 0.5, allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26568 http://xforce.iss.net/xforce/xfdb/26575 SREASON http://securityreason.com/securityalert/942 SAID Secunia Advisory: SA20208 Secunia Advisory: SA20238 OSVDB 25690 MISC http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php http://www.redteam-pentesting.de/advisories/rt-sa-2006-002.php FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0567.html CONFIRM http://sourceforge.net/project/shownotes.php?release_id=418189&group_id=148643 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/434712/100/0/threaded BID 18068 |
|
| Return to the previous page. |
