Vulnerabilities > CVE-2005-2482 - Unspecified vulnerability in Metasploit Framework
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |