| Vulnerability Name: | CVE-2001-0439 (CCN-6261) | ||||||||
| Assigned: | 2001-03-20 | ||||||||
| Published: | 2001-03-20 | ||||||||
| Updated: | 2017-10-10 | ||||||||
| Summary: | licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: FreeBSD Security Advisory FreeBSD-SA-01:35 licq contains multiple remote vulnerabilities Source: FREEBSD Type: Patch, Vendor Advisory FreeBSD-SA-01:35 Source: CCN Type: Black Sun Research Facility Web site The ICQ Security Tutorial Source: MITRE Type: CNA CVE-2001-0439 Source: CONECTIVA Type: Patch CLA-2001:389 Source: CCN Type: Conectiva Linux Announcement CLSA-2001:389 licq Source: CCN Type: RHSA-2001-022 Updated licq packages fixing security problems available Source: CCN Type: CIAC Information Bulletin L-063 RedHat Linux Log Code Buffer Overflow/Unguarded Browser Call Source: MANDRAKE Type: Patch, Vendor Advisory MDKSA-2001:032 Source: OSVDB Type: UNKNOWN 5641 Source: CCN Type: OSVDB ID: 5641 licq URL Shell Metacharacter Arbitrary Command Execution Source: REDHAT Type: UNKNOWN RHSA-2001:022 Source: REDHAT Type: UNKNOWN RHSA-2001:023 Source: CCN Type: BID-2445 LICQ Hostile URL Command Execution Vulnerability Source: CCN Type: MandrakeSoft Security Advisory MDKSA-2001:032 licq Source: XF Type: UNKNOWN licq-url-execute-commands(6261) Source: XF Type: UNKNOWN licq-url-execute-commands(6261) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||