PublicDate: 2006-12-21 01:28:00 UTC
Candidate: CVE-2006-6678
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6678
Description:
 The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does
 not properly verify temporary filenames when editing textarea fields, which
 allows attackers to execute arbitrary commands via shell metacharacters in
 the filename.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_netrik: released (1.15.3-1sarge1build0.6.06.1)
edgy_netrik: needed (reached end-of-life)
feisty_netrik: released (1.15.3-1.1)
gutsy_netrik: released (1.15.3-1.1)
hardy_netrik: released (1.15.3-1.1)
intrepid_netrik: released (1.15.3-1.1)
jaunty_netrik: released (1.15.3-1.1)
devel_netrik: released (1.15.3-1.1)
upstream_netrik: needs-triage