EyeOS <= 0.8.9 Command Execution Vulnerability Network Vulnerability

Summary

The remote system contains a PHP application that is prone to command execution flaws. Description : The remote system is running a vulnerable version of eyeOS. EyeOS is a web based operating system, wich makes it possible to access data and applications remote by using a web-browser. The installed version does not initialize user sessions properly, allowing unauthenticated attackers to execute arbitrary commands with the privileges of the webserver.

Solution

Upgrade to eyeOS version 0.8.10.

References

http://www.gulftech.org/?node=research&article_id=00096-02072006

Updated on 2015-03-25

Severity

Classification

CVE CVE-2006-0636
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AWCM CMS Multiple Remote File Include Vulnerabilities
Adobe ColdFusion Information Disclosure Vulnerability
Advanced Guestbook Index.PHP SQL Injection Vulnerability
Ad Manager Pro Multiple SQL Injection And XSS Vulnerabilities
4Images <= 1.7.1 Directory Traversal Vulnerability

Take action and discover your vulnerabilities