Back to search
CVE-2002-0904
Published: Apr 2, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.kismetwireless.net/CHANGELOG
x_refsource_CONFIRM
4883
vdb-entry
x_refsource_BID
kismet-saytext-command-execution(9213)
vdb-entry
x_refsource_XF
20020529 New Kismet Packages available - SayText() and suid kismet_server issues
mailing-list
x_refsource_VULN-DEV
20020528 New Kismet Packages available - SayText() and suid kismet_server issues
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now