CVE-1999-1278

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 25, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1278 is a vulnerability affecting nlog CGI scripts. The issue lies in the scripts' failure to filter shell metacharacters from the IP address argument. An attacker can exploit this flaw by manipulating the IP address input, leading to potential execution of certain commands through the use of nlog-smb.pl or rpc-nlog.pl. This vulnerability poses a significant risk to systems running these nlog scripts and requires immediate attention to apply relevant patches or mitigations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlSkv
https://www.cve.org/CVERecord?id=CVE-1999-1278
https://nvd.nist.gov/vuln/detail/CVE-1999-1278

Back to Vulnerability Database

CVE-1999-1278

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations