Lucene search

MitreCVE-2004-1769

HistoryMar 10, 2005 - 5:00 a.m.

CVE-2004-1769

2005-03-1005:00:00

mitre

web.nvd.nist.gov

cpanel

remote code execution

vulnerability

cve-2004-1769

security

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.119

Percentile

95.4%

JSON

The “Allow cPanel users to reset their password via email” feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.

Affected configurations

Nvd

Node

cpanelcpanelMatch5.0

cpanelcpanelMatch5.3

cpanelcpanelMatch6.0

cpanelcpanelMatch6.2

cpanelcpanelMatch6.4

cpanelcpanelMatch6.4.1

cpanelcpanelMatch6.4.2

cpanelcpanelMatch6.4.2_stable_48

cpanelcpanelMatch7.0

cpanelcpanelMatch8.0

cpanelcpanelMatch9.0

cpanelcpanelMatch9.1

VendorProductVersionCPE
cpanelcpanel5.0cpe:2.3:a:cpanel:cpanel:5.0:*:*:*:*:*:*:*
cpanelcpanel5.3cpe:2.3:a:cpanel:cpanel:5.3:*:*:*:*:*:*:*
cpanelcpanel6.0cpe:2.3:a:cpanel:cpanel:6.0:*:*:*:*:*:*:*
cpanelcpanel6.2cpe:2.3:a:cpanel:cpanel:6.2:*:*:*:*:*:*:*
cpanelcpanel6.4cpe:2.3:a:cpanel:cpanel:6.4:*:*:*:*:*:*:*
cpanelcpanel6.4.1cpe:2.3:a:cpanel:cpanel:6.4.1:*:*:*:*:*:*:*
cpanelcpanel6.4.2cpe:2.3:a:cpanel:cpanel:6.4.2:*:*:*:*:*:*:*
cpanelcpanel6.4.2_stable_48cpe:2.3:a:cpanel:cpanel:6.4.2_stable_48:*:*:*:*:*:*:*
cpanelcpanel7.0cpe:2.3:a:cpanel:cpanel:7.0:*:*:*:*:*:*:*
cpanelcpanel8.0cpe:2.3:a:cpanel:cpanel:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cpanel	cpanel	5.0	cpe:2.3:a:cpanel:cpanel:5.0:::::::*
cpanel	cpanel	5.3	cpe:2.3:a:cpanel:cpanel:5.3:::::::*
cpanel	cpanel	6.0	cpe:2.3:a:cpanel:cpanel:6.0:::::::*
cpanel	cpanel	6.2	cpe:2.3:a:cpanel:cpanel:6.2:::::::*
cpanel	cpanel	6.4	cpe:2.3:a:cpanel:cpanel:6.4:::::::*
cpanel	cpanel	6.4.1	cpe:2.3:a:cpanel:cpanel:6.4.1:::::::*
cpanel	cpanel	6.4.2	cpe:2.3:a:cpanel:cpanel:6.4.2:::::::*
cpanel	cpanel	6.4.2_stable_48	cpe:2.3:a:cpanel:cpanel:6.4.2_stable_48:::::::*
cpanel	cpanel	7.0	cpe:2.3:a:cpanel:cpanel:7.0:::::::*
cpanel	cpanel	8.0	cpe:2.3:a:cpanel:cpanel:8.0:::::::*

Rows per page:

1-10 of 121

References

marc.info/?l=bugtraq&m=107904890724201&w=2

secunia.com/advisories/11111

www.kb.cert.org/vuls/id/831534

www.securityfocus.com/archive/1/357064/2004-03-08/2004-03-14/0

www.securityfocus.com/bid/9848

exchange.xforce.ibmcloud.com/vulnerabilities/15443

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.119

Percentile

95.4%

JSON

Related for CVE-2004-1769