Vulnerabilities > CVE-2006-0845 - Remote Security vulnerability in Leif M. Wright web Blog 3.5

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
leif-m-wright

Summary

Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.

Vulnerable Configurations

Part Description Count
Application
Leif_M._Wright
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/44315/EV0082.txt
idPACKETSTORM:44315
last seen2016-12-05
published2006-03-03
reporterAliaksandr Hartsuyeu
sourcehttps://packetstormsecurity.com/files/44315/EV0082.txt.html
titleEV0082.txt