- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 35785
- Проверка EDB
-
- Пройдено
- Автор
- MAXIMILIAN ATTEMS
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2011-1930
- Дата публикации
- 2011-05-18
Код:
source: https://www.securityfocus.com/bid/47924/info
klibc is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input.
An attacker can exploit this issue to execute arbitrary shell commands in the context of the application that uses the vulnerable library.
Versions prior to klibc 1.5.22 are vulnerable.
DNSDOMAIN="\\\"\$(echo owned; touch /tmp/owned)"- Источник
- www.exploit-db.com
