Vulnerabilities > CVE-2006-2550 - Unspecified vulnerability in Perlpodder 0.2/0.3
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0570.html
- http://secunia.com/advisories/20238
- http://www.osvdb.org/25708
- http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php
- http://www.securityfocus.com/archive/1/434711/100/0/threaded
- http://www.securityfocus.com/bid/18067
- http://www.vupen.com/english/advisories/2006/1906
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26575