CVE-2008-4318 — HIGH (10.0)

Q: What is CVE-2008-4318?

CVE-2008-4318 is a vulnerability with a CVSS score of 10.0 (HIGH). Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.

Q: How severe is CVE-2008-4318?

CVE-2008-4318 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-4318?

Check the references section above for vendor advisories and patch information. Affected products include: Project-Observer Observer.

Vulnerability Description

Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Project-Observer	Observer	<= 0.3.2.1

Related Weaknesses (CWE)

CWE-20

References

http://securityreason.com/securityalert/4322
https://exchange.xforce.ibmcloud.com/vulnerabilities/45398
https://www.exploit-db.com/exploits/6559
http://securityreason.com/securityalert/4322
https://exchange.xforce.ibmcloud.com/vulnerabilities/45398
https://www.exploit-db.com/exploits/6559

FAQ

What is CVE-2008-4318?

CVE-2008-4318 is a vulnerability with a CVSS score of 10.0 (HIGH). Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.

How severe is CVE-2008-4318?

CVE-2008-4318 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-4318?

Check the references section above for vendor advisories and patch information. Affected products include: Project-Observer Observer.