Shell Command Execution Vulnerability Network Vulnerability

Summary

The remote port seems to be running some form of shell script, with some provided user input. The input is not stripped for such meta characters as ` ' , etc. This would allow a remote attacker to execute arbitrary code.

Solution

Make sure all meta characters are filtered out, or close the port for access from untrusted networks

Severity

Classification

CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

QK SMTP Server 'RCPT TO' buffer overflow vulnerability
snmpXdmid overflow
yppasswdd overflow
HTTP 1.0 header overflow
Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability

Take action and discover your vulnerabilities