What is the severity of CVE-2005-0638?

CVE-2005-0638 is classified as a critical vulnerability due to its capability to allow remote attackers to execute arbitrary commands.

How do I fix CVE-2005-0638?

To mitigate CVE-2005-0638, upgrade to xloadimage version 4.1-r2 or later, or xli version 1.17 or later.

What software is affected by CVE-2005-0638?

CVE-2005-0638 affects xloadimage versions before 4.1-r2 and xli versions before 1.17, among others.

Is CVE-2005-0638 a local or remote vulnerability?

CVE-2005-0638 is a remote vulnerability that can be exploited from outside the target system.

Vulnerability/
CVE-2005-0638

high

7.5

CWE

NVD-CWE-Other

2/3/2005

4/3/2005

7/8/2024

CVE-2005-0638

First published: Wed Mar 02 2005(Updated: )

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
xli xli	=1.14
xli xli	=1.15
xli xli	=1.16
xli xli	=1.17
ALT Linux	=2.3
ALT Linux	=2.3
SUSE Linux	=1.0
SUSE Linux	=2.0
SUSE Linux	=3.0
SUSE Linux	=4.0
SUSE Linux	=4.2
SUSE Linux	=4.3
SUSE Linux	=4.4
SUSE Linux	=4.4.1
SUSE Linux	=5.0
SUSE Linux	=5.1
SUSE Linux	=5.2
SUSE Linux	=5.3
SUSE Linux	=6.0
SUSE Linux	=6.1
SUSE Linux	=6.1-alpha
SUSE Linux	=6.2
SUSE Linux	=6.3
SUSE Linux	=6.3
SUSE Linux	=6.3-alpha
SUSE Linux	=6.4
SUSE Linux	=6.4
SUSE Linux	=6.4
SUSE Linux	=6.4-alpha
SUSE Linux	=7.0
SUSE Linux	=7.0
SUSE Linux	=7.0
SUSE Linux	=7.0
SUSE Linux	=7.0-alpha
SUSE Linux	=7.1
SUSE Linux	=7.1
SUSE Linux	=7.1
SUSE Linux	=7.1
SUSE Linux	=7.1-alpha
SUSE Linux	=7.2
SUSE Linux	=7.2
SUSE Linux	=7.3
SUSE Linux	=7.3
SUSE Linux	=7.3
SUSE Linux	=7.3
SUSE Linux	=8.0
SUSE Linux	=8.0
SUSE Linux	=8.1
SUSE Linux	=8.2
SUSE Linux	=9.0
SUSE Linux	=9.0
SUSE Linux	=9.1
SUSE Linux	=9.1
SUSE Linux	=9.2
SUSE Linux	=9.2
SUSE Linux	=9.3

Remedy

http://secunia.com/advisories/14459

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-0638?
CVE-2005-0638 is classified as a critical vulnerability due to its capability to allow remote attackers to execute arbitrary commands.
How do I fix CVE-2005-0638?
To mitigate CVE-2005-0638, upgrade to xloadimage version 4.1-r2 or later, or xli version 1.17 or later.
What software is affected by CVE-2005-0638?
CVE-2005-0638 affects xloadimage versions before 4.1-r2 and xli versions before 1.17, among others.
What types of attacks can CVE-2005-0638 enable?
CVE-2005-0638 can enable attackers to execute arbitrary commands via shell metacharacters in filenames.
Is CVE-2005-0638 a local or remote vulnerability?
CVE-2005-0638 is a remote vulnerability that can be exploited from outside the target system.

agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/remedy
agent/last-modified-date
agent/severity
agent/references
agent/description
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/xli
canonical/xli xli
version/xli xli/1.14
version/xli xli/1.15
version/xli xli/1.16
version/xli xli/1.17
vendor/altlinux
canonical/alt linux
version/alt linux/2.3
vendor/suse
canonical/suse linux
version/suse linux/1.0
version/suse linux/2.0
version/suse linux/3.0
version/suse linux/4.0
version/suse linux/4.2
version/suse linux/4.3
version/suse linux/4.4
version/suse linux/4.4.1
version/suse linux/5.0
version/suse linux/5.1
version/suse linux/5.2
version/suse linux/5.3
version/suse linux/6.0
version/suse linux/6.1
version/suse linux/6.1-alpha
version/suse linux/6.2
version/suse linux/6.3
version/suse linux/6.3-alpha
version/suse linux/6.4
version/suse linux/6.4-alpha
version/suse linux/7.0
version/suse linux/7.0-alpha
version/suse linux/7.1
version/suse linux/7.1-alpha
version/suse linux/7.2
version/suse linux/7.3
version/suse linux/8.0
version/suse linux/8.1
version/suse linux/8.2
version/suse linux/9.0
version/suse linux/9.1
version/suse linux/9.2
version/suse linux/9.3

Frequently Asked Questions

What is the severity of CVE-2005-0638?
CVE-2005-0638 is classified as a critical vulnerability due to its capability to allow remote attackers to execute arbitrary commands.
How do I fix CVE-2005-0638?
To mitigate CVE-2005-0638, upgrade to xloadimage version 4.1-r2 or later, or xli version 1.17 or later.
What software is affected by CVE-2005-0638?
CVE-2005-0638 affects xloadimage versions before 4.1-r2 and xli versions before 1.17, among others.
What types of attacks can CVE-2005-0638 enable?
CVE-2005-0638 can enable attackers to execute arbitrary commands via shell metacharacters in filenames.
Is CVE-2005-0638 a local or remote vulnerability?
CVE-2005-0638 is a remote vulnerability that can be exploited from outside the target system.

CVE-2005-0638

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-0638?

How do I fix CVE-2005-0638?

What software is affected by CVE-2005-0638?

What types of attacks can CVE-2005-0638 enable?

Is CVE-2005-0638 a local or remote vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2005-0638?

How do I fix CVE-2005-0638?

What software is affected by CVE-2005-0638?

What types of attacks can CVE-2005-0638 enable?

Is CVE-2005-0638 a local or remote vulnerability?