Lucene search

[email protected]CVE-2006-4758

HistorySep 13, 2006 - 11:07 p.m.

CVE-2006-4758

2006-09-1323:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4758

phpbb

file upload

vulnerability

security

nvd

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.4%

JSON

phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.

CPENameOperatorVersion
phpbb_group:phpbbphpbb group phpbbeq2.0.21

CPE	Name	Operator	Version
phpbb_group:phpbb	phpbb group phpbb	eq	2.0.21

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=388120

secunia.com/advisories/22188

secunia.com/advisories/28871

www.debian.org/security/2008/dsa-1488

www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624

www.security.nnov.ru/Odocument221.html

www.securityfocus.com/archive/1/445788/100/0/threaded

www.securityfocus.com/bid/20347

www.securityfocus.com/bid/21806

exchange.xforce.ibmcloud.com/vulnerabilities/28884

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.4%

JSON

Related for CVE-2006-4758

nessus3 freebsd1 openvas4 ubuntucve1 osv1 debian1