CVE-1999-1278
CVSS 2.0 Score 7.5 of 10 (high)
Details
Published Dec 25, 1998
Updated: Nov 20, 2024
Summary
CVE-1999-1278 is a vulnerability affecting nlog CGI scripts. The issue lies in the scripts' failure to adequately filter shell metacharacters from the IP address argument. This flaw can be exploited by remote attackers to execute certain commands through two specific scripts: nlog-smb.pl and rpc-nlog.pl. By manipulating the IP address argument, an attacker could potentially gain unauthorized system access and execute malicious commands, posing a significant security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share