CVE-1999-1278

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 25, 1998
Updated: Nov 20, 2024

Summary

CVE-1999-1278 is a vulnerability affecting nlog CGI scripts. The issue lies in the scripts' failure to adequately filter shell metacharacters from the IP address argument. This flaw can be exploited by remote attackers to execute certain commands through two specific scripts: nlog-smb.pl and rpc-nlog.pl. By manipulating the IP address argument, an attacker could potentially gain unauthorized system access and execute malicious commands, posing a significant security risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share