Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-1999-0913

Published: 05/08/1999 Updated: 18/10/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters.

Vulnerable Product Search on Vulmon Subscribe to Product

network security wizards dragon-fire ids 1.0

Exploits

Exploit DB: Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution
source: wwwsecurityfocuscom/bid/564/info The Dragon-Fire IDS remote web interface under version 10 has an insecure CGI script which allows for users to remotely execute commands as the user nobody This could lead to a remote compromise of the system running Dragon-Fire Via the web interface for Dragon-Fire inside the IPONE field type ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/564http://marc.info/?l=bugtraq&m=93383593909438&w=2https://nvd.nist.govhttps://www.exploit-db.com/exploits/19444/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook