Vulnerabilities > CVE-2005-2483 - Unspecified vulnerability in Karrigell
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN karrigell
exploit available
Summary
Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script.
Vulnerable Configurations
Exploit-Db
| description | Karrigell 1.x/2.0/2.1 KS File Arbitrary Python Command Execution Vulnerability. CVE-2005-2483. Webapps exploit for cgi platform |
| id | EDB-ID:26066 |
| last seen | 2016-02-03 |
| modified | 2005-07-31 |
| published | 2005-07-31 |
| reporter | Radovan GarabÃk |
| source | https://www.exploit-db.com/download/26066/ |
| title | Karrigell 1.x/2.0/2.1 KS File Arbitrary Python Command Execution Vulnerability |
References
- http://secunia.com/advisories/16319
- http://secunia.com/advisories/16319
- http://sourceforge.net/mailarchive/forum.php?thread_id=7863293&forum_id=32318
- http://sourceforge.net/mailarchive/forum.php?thread_id=7863293&forum_id=32318
- http://sourceforge.net/mailarchive/message.php?msg_id=12539317
- http://sourceforge.net/mailarchive/message.php?msg_id=12539317
- http://www.osvdb.org/18506
- http://www.osvdb.org/18506
- http://www.securityfocus.com/bid/14463
- http://www.securityfocus.com/bid/14463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21668
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21668