Vulnerabilities > CVE-2002-2114 - Remote Command Execution vulnerability in Netjuke

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

netjuke

NVD

Published: 2002-12-31

Updated: 2017-07-11

Summary

Artekopia Netjuke before 1.0 b7 allows remote attackers to execute arbitrary code on the web server, possibly via the section parameter, which is passed to an eval call.

Vulnerable Configurations

Part	Description	Count
Application	Netjuke Netjuke Netjuke 1.0_B1 Netjuke Netjuke 1.0_B2 Netjuke Netjuke 1.0_B3 Netjuke Netjuke 1.0_B4 Netjuke Netjuke 1.0_B5 Netjuke Netjuke 1.0_B6	6

References

http://sourceforge.net/tracker/index.php?func=detail&aid=507312&group_id=42076&atid=432052
http://www.securityfocus.com/bid/3988
https://exchange.xforce.ibmcloud.com/vulnerabilities/8101