Vulnerability Details CVE-2008-6556
cgi-bin/webutil.pl in The Puppet Master WebUtil 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the whois command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/51181
- http://www.securityfocus.com/archive/1/489961/100/0/threaded
- http://www.securityfocus.com/bid/28393
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41400
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49820
- http://osvdb.org/51181
- http://www.securityfocus.com/archive/1/489961/100/0/threaded
- http://www.securityfocus.com/bid/28393
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41400
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49820
Products affected by CVE-2008-6556
-
cpe:2.3:a:puppet_master:webutil:2.3