|Title:||NetRisk remote command execution|
The installed version of NetRisk, according to the version
number, is vulnerable to an arbitrary command execution
vulnerability as a result of insufficient sanitization
of user supplied data.
Versions up to and including 1.9.7 are known to be vulnerable.
Solution : Upgrade to a later version.
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2008-0144|
BugTraq ID: 27136
Bugtraq: 20080105 NetRisk 1.9.7 Remote File Inclusion Vulnerability (Google Search)
XForce ISS Database: netrisk-index-file-include(39419)
Common Vulnerability Exposure (CVE) ID: CVE-2008-0186
BugTraq ID: 27161
Bugtraq: 20080106 netrisk 1.9.7 Multiple Remote Vulnerabilities (sql injection/xss) (Google Search)
|Copyright||Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com|
|This is only one of 93608 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.