VYPR
Unrated severityNVD Advisory· Published Dec 3, 2015· Updated Jun 17, 2026

CVE-2015-0859

CVE-2015-0859

Description

The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokeping_cgi, which allows remote attackers to execute arbitrary code via crafted CGI arguments.

Affected products

3
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • Debian/smokepingllm-create
    Range: <2.6.8-2+deb7u1 (wheezy) / <2.6.9-1+deb8u1 (jessie)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.