CVE-2006-5925 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-5925
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5925

Description: Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/30299 TRUSTIX http://www.trustix.org/errata/2007/0005 SUSE http://www.novell.com/linux/security/advisories/2006_27_sr.html ST 1017233 1017232 SAID Secunia Advisory: SA24054 Secunia Advisory: SA24005 Secunia Advisory: SA23389 Secunia Advisory: SA23467 Secunia Advisory: SA23188 Secunia Advisory: SA23234 Secunia Advisory: SA23132 Secunia Advisory: SA23022 Secunia Advisory: SA22923 Secunia Advisory: SA22920 Secunia Advisory: SA22905 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0742.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:216 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200701-27.xml http://security.gentoo.org/glsa/glsa-200612-16.xml FULLDISC http://marc.theaimsgroup.com/?l=full-disclosure&m=116355556512780&w=2 DEBIAN http://www.debian.org/security/2006/dsa-1240 http://www.debian.org/security/2006/dsa-1228 http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00327.html CONFIRM http://bugzilla.elinks.cz/show_bug.cgi?id=841 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/451870/100/200/threaded BID 21082

Return to the previous page.