Vulnerabilities > CVE-2005-2812 - Scripts Command Execution vulnerability in Man2Web 0.87/0.88
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
man2web allows remote attackers to execute arbitrary commands via -P arguments.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | man2web <= 0.88 Multiple Remote Command Execution Exploit (update2). CVE-2005-2812. Webapps exploit for cgi platform |
id | EDB-ID:1194 |
last seen | 2016-01-31 |
modified | 2005-09-04 |
published | 2005-09-04 |
reporter | tracewar |
source | https://www.exploit-db.com/download/1194/ |
title | man2web <= 0.88 - Multiple Remote Command Execution Exploit update2 |
Nessus
NASL family | CGI abuses |
NASL id | MAN2WEB_CMD_EXEC.NASL |
description | The remote host appears to be running man2web, a program for dynamically converting unix man pages to HTML. The installed version of man2web allows attackers to execute arbitrary shell commands on the remote host subject to the privileges of the web server user id. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 19591 |
published | 2005-09-07 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/19591 |
title | man2web Multiple Scripts Arbitrary Command Execution |