Vulnerability Description
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sgi | Irix | 6.5 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I
- ftp://patches.sgi.com/support/free/security/advisories/20020606-01-IPatchVendor Advisory
- http://marc.info/?l=bugtraq&m=102459162909825&w=2
- ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I
- ftp://patches.sgi.com/support/free/security/advisories/20020606-01-IPatchVendor Advisory
- http://marc.info/?l=bugtraq&m=102459162909825&w=2
FAQ
What is CVE-2002-0652?
CVE-2002-0652 is a vulnerability with a CVSS score of 7.5 (HIGH). xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_f...
How severe is CVE-2002-0652?
CVE-2002-0652 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0652?
Check the references section above for vendor advisories and patch information. Affected products include: Sgi Irix.