cve/CVE-2005-0638.md at 7818c5651982aa78500b326433f643b6a96ab8c1

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

POC

Reference

http://support.avaya.com/elmodocs2/security/ASA-2005-134_RHSA-2005-332.pdf

Github

No PoCs found on GitHub currently.

712 B Raw Blame History

CVE-2005-0638

Description

POC

Reference

Github

712 B

Raw Blame History