Easy Message Board Command Execution Network Vulnerability

Summary

The remote host is running Easy Message Board, a bulletin board system written in perl. The remote version of this script contains an input validation flaw which may be used by an attacker to perform a directory traversal attack or execute arbitrary commands on the remote host with the privileges of the web server.

Solution

Upgrade to the newest version of this CGI or disable it

Severity

Classification

CVE CVE-2005-1549, CVE-2005-1550
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AstroSPACES profile.php SQL Injection Vulnerability
ApPHP MicroBlog Remote Code Execution Vulnerability
ATutor < 1.5.1-pl1 Multiple Flaws
ActivePerl perlIS.dll Buffer Overflow
Apache Archiva Multiple Remote Command Execution Vulnerabilities

Take action and discover your vulnerabilities