Shell Command Execution Vulnerability Network Vulnerability

Summary

The remote port seems to be running some form of shell script, with some provided user input. The input is not stripped for such meta characters as ` ' , etc. This would allow a remote attacker to execute arbitrary code.

Solution

Make sure all meta characters are filtered out, or close the port for access from untrusted networks

Severity

Classification

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

NSS Library SSLv2 Challenge Overflow
Helix RealServer Buffer Overrun
MonkeyWeb POST with too much data
snmpXdmid overflow
Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability

Take action and discover your vulnerabilities