Release DateAug 05, 2005 |
Severitymedium |
ImpactUnauthorized access to Web Server. |
DescriptionIt indicates a possible exploit of a Remote Command Execution vulnerability in a USANet product. Multiple USANet products are vulnerable to Remote Command execution attacks. There are input validation errors on the dispallclosed.pl script which an attacker can exploit and execute arbitrary commands. |
Affected ProductsUSANet Creations USANet Shopping Mall, Standard Classified Ads, MakeBid Reverse Auction , MakeBid Auction Standard , MakeBid Auction Deluxe 3.30, MakeBid Auction Deluxe and Domain Name Auction |
Recommended ActionsApply appropriate patch from the vendor or Upgrade to non-vulnerable version if available. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2005-2259 |
Reference/shttp://www.securityfocus.com/bid/14179 (BugTraq) |
