Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q_Host parameter.
References
Configurations
History
21 Nov 2024, 00:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0107.html - Broken Link, Exploit, Patch, Vendor Advisory | |
References | () http://exploitlabs.com/files/advisories/EXPL-A-2005-015-tellme.txt - Exploit, Patch, Vendor Advisory | |
References | () http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff - Product | |
References | () http://secunia.com/advisories/17078 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.osvdb.org/19871 - Broken Link, Exploit, Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22522 - Third Party Advisory, VDB Entry |
13 Feb 2024, 17:53
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-88 | |
References | (CONFIRM) http://kimihia.org.nz/projects/tellme/files/tellme-1.2-1.3.diff - Product | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/22522 - Third Party Advisory, VDB Entry | |
References | (FULLDISC) http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0107.html - Broken Link, Exploit, Patch, Vendor Advisory | |
References | (OSVDB) http://www.osvdb.org/19871 - Broken Link, Exploit, Patch | |
References | (SECUNIA) http://secunia.com/advisories/17078 - Broken Link, Patch, Vendor Advisory | |
CPE | cpe:2.3:a:kimihia:tellme:*:*:*:*:*:*:*:* | |
First Time |
Kimihia tellme
Kimihia |
Information
Published : 2005-12-31 05:00
Updated : 2024-11-21 00:04
NVD link : CVE-2005-4699
Mitre link : CVE-2005-4699
CVE.ORG link : CVE-2005-4699
JSON object : View
Products Affected
kimihia
- tellme
CWE
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')