CVE-2006-5925

Published: 15/11/2006 | Updated: 17/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allow remote malicious users to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.

Vulnerable Product

links links 1.00pre12

elinks elinks 0.9.2

Vendor Advisories

Debian Bug report logs - #399187. CVE-2006-5925: Links "smb" Protocol File Upload/Download Vulnerability. Package: links; Maintainer for links is Axel Beckert <abe@debian.org>; Source for links is src:links2. Reported by: Stefan Fritsch <sf@sfritsch.de>. Date: Sat, 18 Nov 2006 12:03:06 UTC. Severity ...
Teemu Salmela discovered that Elinks did not properly validate input when processing smb:// URLs. If a user were tricked into viewing a malicious website and had smbclient installed, a remote attacker could execute arbitrary code with the privileges of the user invoking the program. (CVE-2006-5925) ...
Teemu Salmela discovered that the elinks character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. For the stable distribution (sarge) this problem has been fixed in version 0104-71. For the upcoming stable distribution (etch) this problem has been fixed in version ...
Teemu Salmela discovered that the links character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. For the stable distribution (sarge) this problem has been fixed in version 099+100pre12-1sarge1. For the upcoming stable distribution (etch) this problem has been fixed ...

Exploits

source: www.securityfocus.com/bid/21082/info. Links and ELinks are prone to a remote command-execution vulnerability because the applications fail to properly process website data containing 'smb' commands. An attacker can exploit this issue to execute arbitrary 'smb' commands on a victim computer. This may help the attacker compromise the ...
<!-- Links smbclient command execution ----------------------------------------------------------------------------- There is a flaw in the Links web browser, that allows malicious web sites to execute smbclient commands on the victim's machine. This flaw makes it possible to read any file from the victim system (any file that the user running l ...