Summary
ALCASARis prone to a remote code execution vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary commands
Solution
Ask the Vendor for an update.
Affected
ALCASAR <= 2.8
Detection
Send a specially crafted value in the 'host' HTTP header and check the response.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- Adobe ColdFusion Information Disclosure Vulnerability
- AlstraSoft AskMe Pro 'forum_answer.php' and 'profile.php' Multiple SQL Injection Vulnerabilities
- Adiscon LogAnalyzer Multiple SQL Injection and XSS Vulnerabilities