[Snort-sigs] SID 882

Ian Masters ian at ...286...
Tue Jan 22 18:20:02 EST 2002


Hello

My technical expertise is limited but if there is no problem with 
"adapting" information I have already found at securityfocus.com, cve and 
other sources then I'll try to keep sending these in

Ian Masters

Rule:

--
Sid: 882

--
Summary: Version 2.2 of popular cgi script, calender.pl and the 
calendar_admin.pl (used to set up a website calendar) contain code which 
may allow attacker to execute arbitrary commands on that host.


--
Impact:

--
Detailed Information:  see 
http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=discussion&id=1215

--
Attack Scenarios: see 
http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=exploit&id=1215

--
Ease of Attack:

--
False Positives:

--
False Negatives:

--
Corrective Action: Download updated scripts 
http://www.mattkruse.com/scripts/calendar/bugfix.html

--
Contributors:

--
Additional References: bugtraq 1288
cve CVE-2000-0432 






More information about the Snort-sigs mailing list