CVE

Id
70145  
CVE No.
CVE-2014-2850  
Status
Candidate  
Description
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.  
Phase
Assigned (20140411)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
668835 70145 CVE-2014-2850 EXPLOIT-DB:32789  View
668836 70145 CVE-2014-2850 URL:http://www.exploit-db.com/exploits/32789  View
668837 70145 CVE-2014-2850 MISC:http://www.zerodayinitiative.com/advisories/ZDI-14-069/  View
668838 70145 CVE-2014-2850 CONFIRM:http://www.sophos.com/en-us/support/knowledgebase/120230.aspx  View
668839 70145 CVE-2014-2850 BID:66734  View
668840 70145 CVE-2014-2850 URL:http://www.securityfocus.com/bid/66734  View
668841 70145 CVE-2014-2850 SECUNIA:57706  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
13272 JVNDB-2014-002147 Pivotal Grails 用 Resources プラグインにおけるディレクトリトラバーサルの脆弱性 Pivotal Grails 用 Resources プラグインには、"構成されたブロック (configured block)" に関する処理に不備があるため、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2014-2858 70145 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002147.html  View