CVE-2008-5705

Published: Dec 22, 2008Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in Verlihub 0.9.8d-RC2 and earlier, when user triggers are enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in an argument.

Affected (1)

Products: Verlihub Project: Verlihub

Verlihub Project

1 product

Verlihub

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Verlihub Project Verlihub	Version 0.9.8d rc2

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

http://bugs.debian.org/506530

Source: cve@mitre.org

http://openwall.com/lists/oss-security/2008/12/17/16

Source: cve@mitre.org

http://securityreason.com/securityalert/4800

Source: cve@mitre.org

http://www.securityfocus.com/bid/32420

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46801

Source: cve@mitre.org

https://www.exploit-db.com/exploits/7183

Source: cve@mitre.org

http://bugs.debian.org/506530