Vulnerabilities > CVE-2002-0904 - Remote Command Execution vulnerability in Kismet ESSID

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
kismet

Summary

SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.

Vulnerable Configurations

Part Description Count
Application
Kismet
2