Search...

CVE-2005-3261

2005-10-20T10:02:00

ID CVE-2005-3261
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T03:34:00

Description

getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request.

JSON Vulners Source

Initial Source

{"id": "CVE-2005-3261", "bulletinFamily": "NVD", "title": "CVE-2005-3261", "description": "getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request.", "published": "2005-10-20T10:02:00", "modified": "2016-10-18T03:34:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3261", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/15075", "http://rgod.altervista.org/versatile100RC2.html", "http://www.osvdb.org/19973", "http://secunia.com/advisories/17174/", "http://marc.info/?l=bugtraq&m=112907535528616&w=2"], "cvelist": ["CVE-2005-3261"], "type": "cve", "lastseen": "2020-10-03T11:34:56", "edition": 3, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:19973"]}], "modified": "2020-10-03T11:34:56", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2020-10-03T11:34:56", "rev": 2}, "vulnersScore": 5.0}, "cpe": ["cpe:/a:versatilebulletinboard:versatilebulletinboard:1.0.0.rc2"], "affectedSoftware": [{"cpeName": "versatilebulletinboard:versatilebulletinboard", "name": "versatilebulletinboard", "operator": "eq", "version": "1.0.0.rc2"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:versatilebulletinboard:versatilebulletinboard:1.0.0.rc2:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:versatilebulletinboard:versatilebulletinboard:1.0.0.rc2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}

{"osvdb": [{"lastseen": "2017-04-28T13:20:16", "bulletinFamily": "software", "cvelist": ["CVE-2005-3261"], "edition": 1, "description": "## Vulnerability Description\nversatileBulletinBoard (vBB) contains a flaw that may lead to an unauthorized information disclosure. \u00a0The issue is triggered when a remote attacker calls the getversions.php script, which will disclose detailed file and version information resulting in a loss of confidentiality.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nversatileBulletinBoard (vBB) contains a flaw that may lead to an unauthorized information disclosure. \u00a0The issue is triggered when a remote attacker calls the getversions.php script, which will disclose detailed file and version information resulting in a loss of confidentiality.\n## Manual Testing Notes\nhttp://[target]/[path]/getversions.php\n## References:\nVendor URL: http://vbb.eniki.de/\n[Secunia Advisory ID:17174](https://secuniaresearch.flexerasoftware.com/advisories/17174/)\n[Related OSVDB ID: 19966](https://vulners.com/osvdb/OSVDB:19966)\n[Related OSVDB ID: 19962](https://vulners.com/osvdb/OSVDB:19962)\n[Related OSVDB ID: 19963](https://vulners.com/osvdb/OSVDB:19963)\n[Related OSVDB ID: 19964](https://vulners.com/osvdb/OSVDB:19964)\n[Related OSVDB ID: 19967](https://vulners.com/osvdb/OSVDB:19967)\n[Related OSVDB ID: 19972](https://vulners.com/osvdb/OSVDB:19972)\n[Related OSVDB ID: 19969](https://vulners.com/osvdb/OSVDB:19969)\n[Related OSVDB ID: 19970](https://vulners.com/osvdb/OSVDB:19970)\n[Related OSVDB ID: 19965](https://vulners.com/osvdb/OSVDB:19965)\n[Related OSVDB ID: 19968](https://vulners.com/osvdb/OSVDB:19968)\n[Related OSVDB ID: 19971](https://vulners.com/osvdb/OSVDB:19971)\nOther Advisory URL: http://rgod.altervista.org/versatile100RC2.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-10/0120.html\n[CVE-2005-3261](https://vulners.com/cve/CVE-2005-3261)\nBugtraq ID: 15075\n", "modified": "2005-10-10T08:19:48", "published": "2005-10-10T08:19:48", "href": "https://vulners.com/osvdb/OSVDB:19973", "id": "OSVDB:19973", "type": "osvdb", "title": "versatileBulletinBoard (vBB) getversions.php Information Disclosure", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}