CVE-2006-1044
Summary
| CVE | CVE-2006-1044 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-03-07 11:02:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603. |
Risk And Classification
Primary CVSS: v2.0 7.5 from [email protected]
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.251300000 probability, percentile 0.961890000 (date 2026-04-16)
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityTracker.com Archives - LISTSERV Web Archive Interface Unspecified Bugs Let Remote Users Execute Arbitrary Code | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | Patch, Vendor Advisory |
| L-Soft Listserv 14.3 and 14.4 Multiple Unspecified Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Patch |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| www.lsoft.com/manuals/1.8e/relnotes/LISTSERV14.5-Release-Notes.html | af854a3a-2127-422b-91ae-364da2661108 | www.lsoft.com | Patch |
| Advisories - Research - Next Generation Security Software | af854a3a-2127-422b-91ae-364da2661108 | www.ngssoftware.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| US-CERT Vulnerability Note VU#841132 | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | US Government Resource |
| LISTSERV WA CGI Script Buffer Overflow Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.