CVE-2011-0018
CVE-2011-0018
The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/16086unverifiedexploitdbwww.exploit-db.com/exploits/16086unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/70639http://secunia.com/advisories/43037https://exchange.xforce.ibmcloud.com/vulnerabilities/65011http://www.exploit-db.com/exploits/16086http://www.openvas.org/OVSA20110118.htmlhttp://www.securityfocus.com/archive/1/515971/100/0/threadedhttp://www.securityfocus.com/bid/45987http://www.vupen.com/english/advisories/2011/0208