Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HBsdi Bsd Os
OSBsdi2.1Caldera Openlinux
OSCaldera1.0Isc Inn
APPIsc1.4sec1.4sec21.4unoff31.4unoff41.5Nec Goah Intrasv
HWNec1.1Nec Goah Networksv
HWNec1.22.23.1Netscape News Server
APPNetscape1.1Red Hat Linux
OSRedhat4.04.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
Related vulnerabilities
CVE-2002-0083CRITICAL9.8ten sam produkt
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious serve...
CVE-2025-36049HIGH8.8ten sam produkt
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injec...
CVE-2025-36048HIGH7.2ten sam produkt
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their...
CVE-2024-38319HIGH7.5ten sam produkt
IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially...
CVE-2023-3430HIGH7.5ten sam produkt
A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput....