github - ghsa-q697-gcxw-q87j

GHSA-Q697-GCXW-Q87J

Vulnerability from github – Published: 2022-04-30 18:11 – Updated: 2022-04-30 18:11

Details

O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-1999-1180"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "1999-02-16T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "O\u0027Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.",
  "id": "GHSA-q697-gcxw-q87j",
  "modified": "2022-04-30T18:11:59Z",
  "published": "2022-04-30T18:11:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-1999-1180"
    },
    {
      "type": "WEB",
      "url": "http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html"
    },
    {
      "type": "WEB",
      "url": "http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-1999-1180 (GCVE-0-1999-1180)

Vulnerability from cvelistv5 – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:02

Summary

O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html	x_refsource_MISC
	http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:02:53.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html"
          },
          {
            "name": "19990216 Website Pro v2.0 (NT) Configuration Issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "1999-02-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "O\u0027Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-05-08T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html"
        },
        {
          "name": "19990216 Website Pro v2.0 (NT) Configuration Issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-1999-1180",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "O\u0027Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html",
              "refsource": "MISC",
              "url": "http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html"
            },
            {
              "name": "19990216 Website Pro v2.0 (NT) Configuration Issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-1999-1180",
    "datePublished": "2001-09-12T04:00:00",
    "dateReserved": "2001-08-31T00:00:00",
    "dateUpdated": "2024-08-01T17:02:53.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-Q697-GCXW-Q87J

CVE-1999-1180 (GCVE-0-1999-1180)

Tags

Sightings

Nomenclature