Lucene search

MitreCVE-2003-1405

HistoryOct 20, 2007 - 10:00 a.m.

CVE-2003-1405

2007-10-2010:00:00

CWE-20

mitre

web.nvd.nist.gov

cve-2003-1405

dotbr 0.1

remote attackers

arbitrary shell commands

exec.php3

system.php3

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.056

Percentile

93.3%

JSON

DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3.

Affected configurations

Nvd

Node

dotbrbotbrMatch0.1

VendorProductVersionCPE
dotbrbotbr0.1cpe:2.3:a:dotbr:botbr:0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dotbr	botbr	0.1	cpe:2.3:a:dotbr:botbr:0.1:::::::*

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html

www.osvdb.org/5089

www.osvdb.org/5090

www.securityfocus.com/bid/6866

www.securityfocus.com/bid/6867

exchange.xforce.ibmcloud.com/vulnerabilities/11355

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.1

Confidence

High

EPSS

0.056

Percentile

93.3%

JSON

Related for CVE-2003-1405