Vulnerability Details : CVE-2006-1044
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603.
Vulnerability category: Execute code
Products affected by CVE-2006-1044
- cpe:2.3:a:lsoft:listserv:14.3:*:*:*:*:*:*:*
- cpe:2.3:a:lsoft:listserv:14.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-1044
24.01%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-1044
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-1044
-
http://www.kb.cert.org/vuls/id/841132
US Government Resource
-
http://www.vupen.com/english/advisories/2006/0824
-
http://securitytracker.com/id?1015722
Patch;Vendor Advisory
-
http://www.ngssoftware.com/advisories/listserv_3.txt
-
http://www.lsoft.com/manuals/1.8e/relnotes/LISTSERV14.5-Release-Notes.html#wasecurityalert
Patch
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25168
-
http://www.securityfocus.com/bid/16951
Patch
-
http://www.securityfocus.com/archive/1/426770/100/0/threaded
Jump to