{"id": "CVE-2005-1089", "bulletinFamily": "NVD", "title": "CVE-2005-1089", "description": "Unknown vulnerability in DC++ before 0.674 allows attackers to append data to arbitrary files.", "published": "2005-04-11T04:00:00", "modified": "2008-09-05T20:48:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1089", "reporter": "cve@mitre.org", "references": ["http://www.osvdb.org/15433", "http://dcplusplus.sourceforge.net/index.php?t=8&s=1", "http://secunia.com/advisories/14880"], "cvelist": ["CVE-2005-1089"], "type": "cve", "lastseen": "2019-05-29T18:08:13", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "18fab32e5aff4ce4c5e50cb4b16104c6"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "2dd5a9aa6010a5151237638721402d1d"}, {"key": "cvss", "hash": "b5bbdd851ff7634dd01c09e00d03be1e"}, {"key": "cvss2", "hash": "e2b44d17a049a159a684c7e2b843b3fa"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "7a7cf47cbd3ae82f7bfeaab42e7ebd56"}, {"key": "href", "hash": "5f4e7c79ca4e5eef4adfd69c4820c5ae"}, {"key": "modified", "hash": "2ef4e41d9b5a6dda848b65907ac63c54"}, {"key": "published", "hash": "796dc043446d101d6f330e95ee2999a7"}, {"key": "references", "hash": "84b6d9190137cd26b0a2ef71d17c5883"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "79261a073bd4f4d9fb01a06b0d80940b"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "9a4ade2f526daa65e4b66aa147fb4510cc9ec9d0fd5b01323270eb694036568b", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["DCPLUSPLUS_DOWNLOAD_DRIVE_FILE_APPENDS.NASL"]}], "modified": "2019-05-29T18:08:13"}, "score": {"value": 5.2, "vector": "NONE", "modified": "2019-05-29T18:08:13"}, "vulnersScore": 5.2}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "dc++ dc++", "operator": "le", "version": "0.673"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["NVD-CWE-Other"]}

{"nessus": [{"lastseen": "2019-11-01T02:18:16", "bulletinFamily": "scanner", "description": "According to its version number, the DC++ client installed on the\nremote host is affected by a vulnerability that may let a remote user\nappend data to files anywhere on the drive on which DC++ is\ninstalled.", "modified": "2019-11-02T00:00:00", "id": "DCPLUSPLUS_DOWNLOAD_DRIVE_FILE_APPENDS.NASL", "href": "https://www.tenable.com/plugins/nessus/18012", "published": "2005-04-12T00:00:00", "title": "DC++ Download Drive Arbitrary File Appending", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description) {\n script_id(18012);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/06 11:26:08\");\n\n script_cve_id(\"CVE-2005-1089\");\n script_bugtraq_id(13088);\n\n script_name(english:\"DC++ Download Drive Arbitrary File Appending\");\n script_summary(english:\"Checks for download drive file appending vulnerability in DC++\");\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains an application that is affected by a\nfile integrity flaw.\" );\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the DC++ client installed on the\nremote host is affected by a vulnerability that may let a remote user\nappend data to files anywhere on the drive on which DC++ is\ninstalled.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://sourceforge.net/project/shownotes.php?group_id=40287&release_id=319316\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to DC++ 0.674 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/04/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/04/11\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\n\n# Look in the registry for the version of DC++ installed.\nkey = \"SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/DC++/DisplayVersion\";\nver = get_kb_item(key);\nif (ver && ver =~ \"^0\\.([0-5]|6([0-6]|7[0-3]))\")\n security_warning(get_kb_item(\"SMB/transport\"));\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}]}