| Vulnerability Name: | CVE-2004-0745 (CCN-17198) | ||||||||||||
| Assigned: | 2004-08-11 | ||||||||||||
| Published: | 2004-08-11 | ||||||||||||
| Updated: | 2017-10-11 | ||||||||||||
| Summary: | LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name. | ||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2004-0745 Source: CCN Type: RHSA-2004-323 lha security update Source: CCN Type: RHSA-2004-440 lha security update Source: CCN Type: CIAC Information Bulletin 0-210 LHA Packages Buffer Overflow Vulnerability Source: CCN Type: GLSA-200409-13 LHa: Multiple vulnerabilities Source: GENTOO Type: Vendor Advisory GLSA-200409-13 Source: REDHAT Type: UNKNOWN RHSA-2004:323 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2004:440 Source: CCN Type: BID-11093 LHA Multiple Code Execution Vulnerabilities Source: FEDORA Type: UNKNOWN FLSA:1833 Source: XF Type: UNKNOWN lha-metacharacter-command-execution(17198) Source: XF Type: UNKNOWN lha-metacharacter-command-execution(17198) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11088 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1:  Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||