CVE-2012-5520

The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x before 3.0.4 allows remote attackers to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openvas:openvas_manager:3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta3:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta4:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta5:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta6:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta7:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:beta8:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openvas:openvas_manager:3.0.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-11-26 12:45

Updated : 2024-02-04 18:16


NVD link : CVE-2012-5520

Mitre link : CVE-2012-5520

CVE.ORG link : CVE-2012-5520


JSON object : View

Products Affected

openvas

  • openvas_manager
CWE
CWE-20

Improper Input Validation