CVE-2008-4796
30.10.2008, 20:56
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
| Vendor | Product | Version |
|---|---|---|
| snoopy_project | snoopy | 𝑥 ≤ 1.2.3 |
| debian | debian_linux | 4.0 |
| debian | debian_linux | 5.0 |
| nagios | nagios | 𝑥 < 4.2.2 |
| wordpress | wordpress | 𝑥 < 2.6.3 |
𝑥
= Vulnerable software versions
Debian Releases
Debian Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libphp-snoopy |
| ||||||||||||||
| wordpress |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ampache |
| ||||||||||||||||||||
| gforge-plugin-scmcvs |
| ||||||||||||||||||||
| libphp-snoopy |
| ||||||||||||||||||||
| magpierss |
| ||||||||||||||||||||
| mahara |
| ||||||||||||||||||||
| mediamate |
| ||||||||||||||||||||
| moodle |
| ||||||||||||||||||||
| opendb |
| ||||||||||||||||||||
| pixelpost |
| ||||||||||||||||||||
| wordpress |
|
References