ID CVE-2005-4159 Type cve Reporter cve@mitre.org Modified 2018-10-19T15:40:00
Description
DISPUTED NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum (SMF) 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character can be modified, there is no SQL injection. Thus this might be an "invalid SQL syntax error." Multiple followups support the vendor.
{"id": "CVE-2005-4159", "bulletinFamily": "NVD", "title": "CVE-2005-4159", "description": "** DISPUTED ** NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum (SMF) 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character can be modified, there is no SQL injection. Thus this might be an \"invalid SQL syntax error.\" Multiple followups support the vendor.", "published": "2005-12-11T11:03:00", "modified": "2018-10-19T15:40:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4159", "reporter": "cve@mitre.org", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/23546", "http://www.securityfocus.com/bid/15791", "http://www.securityfocus.com/archive/1/419535/100/0/threaded", "http://www.securityfocus.com/archive/1/419105/100/0/threaded", "http://archives.neohapsis.com/archives/bugtraq/2005-12/0090.html", "http://www.securityfocus.com/archive/1/419068/100/0/threaded", "http://www.securityfocus.com/archive/1/419250/100/0/threaded"], "cvelist": ["CVE-2005-4159"], "type": "cve", "lastseen": "2019-05-29T18:08:16", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "2c70c8ba0d84e01d80471c7afd4d57a8"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "b32c085d4e086c8cd35a6c152b11900f"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "7f7c77d2dde7216a66d00321bd5828f8"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "72776813ff53426124c7b154b6daa049"}, {"key": "href", "hash": "168c8bcf563d7dbdc7be86a3fa144978"}, {"key": "modified", "hash": "c8b3d3dd27f3d665e9584bf815c139f9"}, {"key": "published", "hash": "5cb16704b8c5bea13c02b7c5e8d67ea8"}, {"key": "references", "hash": "c0600bd6378996df09e950e485d57415"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "25404304f8ee1e7242ed67534182b611"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "5f23cfe1b3aba833f3f93c8cc2de1fb7e7ad9ad0c54ab1b805b9767b4152ad73", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:21722"]}], "modified": "2019-05-29T18:08:16"}, "score": {"value": 5.2, "vector": "NONE", "modified": "2019-05-29T18:08:16"}, "vulnersScore": 5.2}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "simple_machines simple_machines_forum", "operator": "le", "version": "1.1_rc1"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["NVD-CWE-Other"]}
{"osvdb": [{"lastseen": "2017-04-28T13:20:18", "bulletinFamily": "software", "description": "## Technical Description\nThis issue was originally reported as an SQL injection vulnerability. Subsequent testing by several researchers revealed that the original error message revealed the installation path. Input provided to SMF is sanitized and only allows for a single character insertion, not enough to manipulate SQL queries.\n## Manual Testing Notes\nhttp://[target]/smf/index.php?action=mlist;sa=all;start='\n## References:\nVendor URL: http://www.simplemachines.org/\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0102.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0113.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0131.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0090.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0125.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0168.html\n[CVE-2005-4159](https://vulners.com/cve/CVE-2005-4159)\nBugtraq ID: 15791\n", "modified": "2005-12-09T17:12:04", "published": "2005-12-09T17:12:04", "href": "https://vulners.com/osvdb/OSVDB:21722", "id": "OSVDB:21722", "title": "Simple Machines Forum (SMF) Memberlist.php start Variable Path Disclosure", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
