LPAR2RRD CVE-2014-4981 Unspecified Command Injection Vulnerability
BID:68844
CVE-2014-4981 |Info
LPAR2RRD CVE-2014-4981 Unspecified Command Injection Vulnerability
| Bugtraq ID: | 68844 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-4981 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 23 2014 12:00AM |
| Updated: | Jul 23 2014 12:00AM |
| Credit: | Jürgen Bilberger |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
LPAR2RRD CVE-2014-4981 Unspecified Command Injection Vulnerability
LPAR2RRD is prone to an unspecified command-injection vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can exploit this issue to execute arbitrary commands in context of the application Successful exploits could compromise the application and possibly the underlying system.
Note: Few technical details of the issue are available. We will update this BID as more information emerges.
LPAR2RRD 3.5 and earlier versions are vulnerable.
LPAR2RRD is prone to an unspecified command-injection vulnerability because it fails to adequately sanitize user-supplied input.
Attackers can exploit this issue to execute arbitrary commands in context of the application Successful exploits could compromise the application and possibly the underlying system.
Note: Few technical details of the issue are available. We will update this BID as more information emerges.
LPAR2RRD 3.5 and earlier versions are vulnerable.
Exploit / POC
LPAR2RRD CVE-2014-4981 Unspecified Command Injection Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
LPAR2RRD CVE-2014-4981 Unspecified Command Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
LPAR2RRD CVE-2014-4981 Unspecified Command Injection Vulnerability
References:
References: