{ "id": "CVE-2005-2483", "sourceIdentifier": "cve@mitre.org", "published": "2005-08-07T04:00:00.000", "lastModified": "2017-07-11T01:32:52.500", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script." }, { "lang": "es", "value": "Vulnerabilidad de \"evaluaci\u00f3n de c\u00f3digo din\u00e1mica directa\" en Karrigell anterior a la 2.1.8 permite que atacantes remotos ejecuten c\u00f3digo arbitrario en Python mediante argumentos modificados a un script de servicios karrigell (.ks)." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7A37B2FC-6BBA-4EF9-A7BC-B37D05007CFC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF5067DC-2500-4368-8259-D753A550E979" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D945C07C-82CA-4EDA-8CA9-248DAD72AB04" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "27EC6A95-D2DC-4F35-BA6F-C1C024973478" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "34793BD5-7705-469C-A22C-2D40B5D65B1B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6FCAB760-87E2-41AB-B44E-90B00166DDD6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "A6806F58-5501-4F85-935C-B609506A9C73" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FBD3E84-3E60-4811-876E-2B7B47E09E9C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A5927380-1840-4F2D-A848-261E1426084E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C8D7DB43-CD3C-4CA0-A043-40A059DBA773" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EB602622-72E8-4F93-AA51-A2799E365D4C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "08FF6B92-E4C5-46A0-B60D-070CCCBCB6EF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:karrigell:karrigell:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "0E71CC1F-1011-4DC7-A7F6-0E73DCD2A986" } ] } ] } ], "references": [ { "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7863293&forum_id=32318", "source": "cve@mitre.org" }, { "url": "http://sourceforge.net/mailarchive/message.php?msg_id=12539317", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.securityfocus.com/bid/14463", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21668", "source": "cve@mitre.org" } ] }