ID CVE-2003-0294
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T02:31:00
Description
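autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. The scanner check embedded in this record exercises the flaw with directory traversal (`../`) sequences in that parameter, so this is a path traversal issue that is reachable over the network without authentication and affects confidentiality only (CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N, base score 5.0). The Nessus plugin synopsis in this record says files can be "run", but its description and the CVE text both describe file read only. The only remediation recorded here is "None at this time - disable this CGI", so the practical mitigation is to disable autohtml.php or block access to it.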
{"id": "CVE-2003-0294", "bulletinFamily": "NVD", "title": "CVE-2003-0294", "description": "autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation.", "published": "2003-06-16T04:00:00", "modified": "2016-10-18T02:31:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0294", "reporter": "cve@mitre.org", "references": ["http://marc.info/?l=bugtraq&m=105293834421549&w=2"], "cvelist": ["CVE-2003-0294"], "type": "cve", "lastseen": "2020-12-09T19:21:06", "edition": 5, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:9028"]}, {"type": "nessus", "idList": ["PHP_PROXIMA_FILE_READING.NASL"]}], "modified": "2020-12-09T19:21:06", "rev": 2}, "score": {"value": 5.4, "vector": "NONE", "modified": "2020-12-09T19:21:06", "rev": 2}, "vulnersScore": 5.4}, "cpe": ["cpe:/a:php-proxima:php-proxima:6.0"], "affectedSoftware": [{"cpeName": "php-proxima:php-proxima", "name": "php-proxima", "operator": "le", "version": "6.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:php-proxima:php-proxima:6.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:php-proxima:php-proxima:6.0:*:*:*:*:*:*:*", "versionEndIncluding": "6.0", "vulnerable": true}], "operator": "OR"}]}}
{"osvdb": [{"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "cvelist": ["CVE-2003-0294"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[CVE-2003-0294](https://vulners.com/cve/CVE-2003-0294)\n", "modified": "2003-05-14T00:00:00", "published": "2003-05-14T00:00:00", "id": "OSVDB:9028", "href": "https://vulners.com/osvdb/OSVDB:9028", "title": "php-proxima autohtml.php Arbitrary File Retrieval", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2021-01-20T13:26:23", "description": "The remote host is running php-proxima, a website portal.\n\nThere is a flaw in this version that allows an attacker to read \narbitrary files on the remote host.", "edition": 24, "published": "2003-05-14T00:00:00", "title": "php-proxima autohtml.php Arbitrary File Retrieval", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0294"], "modified": "2003-05-14T00:00:00", "cpe": ["cpe:/a:php-proxima:php-proxima"], "id": "PHP_PROXIMA_FILE_READING.NASL", "href": "https://www.tenable.com/plugins/nessus/11630", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# Ref:\n# From: \"Mind Warper\" <mindwarper@linuxmail.org>\n# To: bugtraq@securityfocus.com\n# Date: Thu, 15 May 2003 01:43:40 +0800\n# Subject: php-proxima Remote File Access Vulnerability\n\n\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(11630);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n script_cve_id(\"CVE-2003-0294\");\n\n script_name(english:\"php-proxima autohtml.php Arbitrary File Retrieval\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Arbitrary files can be run on the remote server.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running php-proxima, a website 
portal.\n\nThere is a flaw in this version that allows an attacker to read \narbitrary files on the remote host.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"None at this time - disable this CGI.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2003/05/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2003/05/14\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_set_attribute(attribute:\"cpe\",value:\"cpe:/a:php-proxima:php-proxima\");\nscript_end_attributes();\n\n script_summary(english:\"Determines owl is installed\");\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n script_copyright(english:\"This script is Copyright (C) 2003-2021 Tenable Network Security, Inc.\");\n script_dependencie(\"webmirror.nasl\", \"http_version.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_keys(\"www/PHP\");\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = get_http_port(default:80);\n\nif(!can_host_php(port:port)) exit(0);\n\n\nforeach d (cgi_dirs())\n{\n r = http_send_recv3(method: \"GET\", item:d + \"/autohtml.php?op=modload&mailfile=x&name=../../../../../../../../etc/passwd\", port:port);\n if (isnull(r)) exit(0);\n res = strcat(r[0], r[1], '\\r\\n', r[2]);\n if(egrep(pattern:\"root:.*:0:[01]:.*\", string:res))\n \t{\n \tsecurity_warning(port);\n\texit(0);\n\t}\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}