Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2006-5925

Published: Nov 15, 2006 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2006-5925
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.

Affected Software

Name Vendor Start Version End Version
Elinks Elinks 0.9.2 (including) 0.9.2 (including)
Links Links 1.00pre12 (including) 1.00pre12 (including)
Elinks Ubuntu dapper *
Elinks Ubuntu devel *
Elinks Ubuntu edgy *
Elinks Ubuntu feisty *
Elinks Ubuntu gutsy *
Elinks Ubuntu hardy *
Elinks Ubuntu intrepid *
Elinks Ubuntu jaunty *
Elinks Ubuntu karmic *
Links Ubuntu dapper *
Links Ubuntu edgy *
Links Ubuntu feisty *
Links Ubuntu gutsy *
Links2 Ubuntu dapper *
Links2 Ubuntu devel *
Links2 Ubuntu edgy *
Links2 Ubuntu feisty *
Links2 Ubuntu gutsy *
Links2 Ubuntu hardy *
Links2 Ubuntu intrepid *
Links2 Ubuntu jaunty *
Links2 Ubuntu karmic *
Red Hat Enterprise Linux 4 RedHat elinks-0:0.9.2-3.3 *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use