Snoopy CVE-2002-2444 Arbitrary Command Execution Vulnerability
BID:68787
Info
Snoopy CVE-2002-2444 Arbitrary Command Execution Vulnerability
| Bugtraq ID: | 68787 |
| Class: | Input Validation Error |
| CVE: |
CVE-2002-2444 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 16 2004 12:00AM |
| Updated: | Oct 16 2004 12:00AM |
| Credit: | Tajh Leitso |
| Vulnerable: |
Snoopy Snoopy 1.0 1 Snoopy Snoopy 0.94 Snoopy Snoopy 0.93 Snoopy Snoopy 0.92 Snoopy Snoopy 0.91 |
| Not Vulnerable: |
Snoopy Snoopy 1.11 |
Discussion
Snoopy CVE-2002-2444 Arbitrary Command Execution Vulnerability
Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input.
An attacker may exploit this issue to execute arbitrary commands in the context of the vulnerable webserver.
Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input.
An attacker may exploit this issue to execute arbitrary commands in the context of the vulnerable webserver.
Exploit / POC
Snoopy CVE-2002-2444 Arbitrary Command Execution Vulnerability
An attacker may exploit this issue using a web browser.
An attacker may exploit this issue using a web browser.
Solution / Fix
Snoopy CVE-2002-2444 Arbitrary Command Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Snoopy CVE-2002-2444 Arbitrary Command Execution Vulnerability
References:
References:
- Security hole in exec cURL (Snoopy)
- Snoopy Home Page (Snoopy)