CVE-2012-0261

license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action.

🔗 References (12)

• cve@mitrehttp://seclists.org/fulldisclosure/2012/Jan/62
• cve@mitrehttp://secunia.com/advisories/47417
• cve@mitrehttp://www.ekelow.se/file_uploads/Advisories/ekelow-aid-2012-01.pdf
• cve@mitrehttp://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/
• cve@mitrehttp://www.osvdb.org/78064
• cve@mitrehttps://bugs.op5.com/view.php?id=5094
• af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2012/Jan/62
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/47417
• af854a3a-2127-422b-91ae-364da2661108http://www.ekelow.se/file_uploads/Advisories/ekelow-aid-2012-01.pdf
• af854a3a-2127-422b-91ae-364da2661108http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/
• af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/78064
• af854a3a-2127-422b-91ae-364da2661108https://bugs.op5.com/view.php?id=5094