|
|
Log in / Subscribe / Register

freeciv: arbitrary command execution

Package(s):freeciv CVE #(s):CVE-2010-2445
Created:August 20, 2010 Updated:February 7, 2014
Description: From the CVE entry:

freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.

Alerts:
Gentoo 201402-07 freeciv 2014-02-06
Fedora FEDORA-2010-12262 freeciv 2010-08-07
Fedora FEDORA-2010-12256 freeciv 2010-08-07
Mandriva MDVSA-2010:205 freeciv 2010-10-15
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds