CVE-2006-6599 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-6599

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (; semicolon) in the announce parameter.

Affected Software

Name	Vendor	Start Version	End Version
Torrentflux	Torrentflux	2.2 (including)	2.2 (including)
Torrentflux	Ubuntu	devel	*
Torrentflux	Ubuntu	edgy	*
Torrentflux	Ubuntu	feisty	*
Torrentflux	Ubuntu	gutsy	*

References

http://secunia.com/advisories/23270
http://www.securityfocus.com/bid/21526
https://exchange.xforce.ibmcloud.com/vulnerabilities/30850
https://www.exploit-db.com/exploits/2903
http://secunia.com/advisories/23270
http://www.securityfocus.com/bid/21526
https://exchange.xforce.ibmcloud.com/vulnerabilities/30850
https://www.exploit-db.com/exploits/2903