Acccheck Pl
Monthly
acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.