Vulnerability Details CVE-2001-0808
gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/bugtraq/2001-06/0365.html
- http://sources.redhat.com/gnats/gnatsweb/advisory-jun-26-2001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6753
- http://archives.neohapsis.com/archives/bugtraq/2001-06/0365.html
- http://sources.redhat.com/gnats/gnatsweb/advisory-jun-26-2001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6753
Products affected by CVE-2001-0808
-
cpe:2.3:a:yngve_svendsen:gnatsweb:2.7_beta
-
cpe:2.3:a:yngve_svendsen:gnatsweb:2.8.0
-
cpe:2.3:a:yngve_svendsen:gnatsweb:2.8.1
-
cpe:2.3:a:yngve_svendsen:gnatsweb:3.95