Lucene search

[email protected]CVE-2005-1892

HistoryJun 09, 2005 - 4:00 a.m.

CVE-2005-1892

2005-06-0904:00:00

CWE-425

[email protected]

web.nvd.nist.gov

cve

flatnuke

remote attackers

denial of service

sensitive information

web security

7.6 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.008 Low

EPSS

Percentile

81.9%

JSON

FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message.

CPENameOperatorVersion
flatnuke:flatnukeflatnukele2.5.3

CPE	Name	Operator	Version
flatnuke:flatnuke	flatnuke	le	2.5.3

References

flatnuke.sourceforge.net/index.php?mod=read&id=1117979256

secunia.com/advisories/15603

securitytracker.com/id?1014114

secwatch.org/advisories/secwatch/20050604_flatnuke.txt

www.vupen.com/english/advisories/2005/0697

7.6 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.008 Low

EPSS

Percentile

81.9%

JSON

Related for CVE-2005-1892

cvelist1