CVE-1999-1278

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 25, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1278 is a vulnerability affecting nlog CGI scripts. The issue lies in the scripts' failure to adequately filter shell metacharacters from the IP address argument. An attacker can exploit this flaw by sending crafted IP addresses to the scripts, potentially executing specific commands through two affected scripts: nlog-smb.pl and rpc-nlog.pl. This vulnerability could lead to remote command execution, posing a significant security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlSkv
https://www.cve.org/CVERecord?id=CVE-1999-1278
https://nvd.nist.gov/vuln/detail/CVE-1999-1278

Back to Vulnerability Database

CVE-1999-1278

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations