Lucene search

[email protected]NVD:CVE-2008-5906

HistoryJan 15, 2009 - 5:30 p.m.

CVE-2008-5906

2009-01-1517:30:00

CWE-20

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface’s PHP scripts.

Affected configurations

NVD

Node

ktorrentktorrentRange≤3.1.3

ktorrentktorrentMatch0.9

ktorrentktorrentMatch1.0

ktorrentktorrentMatch1.1

ktorrentktorrentMatch1.2

ktorrentktorrentMatch1.2rc1

ktorrentktorrentMatch1.2rc2

ktorrentktorrentMatch2.0

ktorrentktorrentMatch2.0beta1

ktorrentktorrentMatch2.0rc1

ktorrentktorrentMatch2.0.1

ktorrentktorrentMatch2.0.2

ktorrentktorrentMatch2.0.3

ktorrentktorrentMatch2.1

ktorrentktorrentMatch2.1beta1

ktorrentktorrentMatch2.1rc1

ktorrentktorrentMatch2.1.1

ktorrentktorrentMatch2.1.2

ktorrentktorrentMatch2.1.3

ktorrentktorrentMatch2.1.4

ktorrentktorrentMatch2.2

ktorrentktorrentMatch2.2beta1

ktorrentktorrentMatch2.2rc1

ktorrentktorrentMatch2.2.1

ktorrentktorrentMatch2.2.2

ktorrentktorrentMatch2.2.3

ktorrentktorrentMatch2.2.4

ktorrentktorrentMatch2.2.5

ktorrentktorrentMatch2.2.6

ktorrentktorrentMatch2.2.7

ktorrentktorrentMatch2.2.8

ktorrentktorrentMatch3.0beta1

ktorrentktorrentMatch3.0rc1

ktorrentktorrentMatch3.0.0

ktorrentktorrentMatch3.0.1

ktorrentktorrentMatch3.0.2

ktorrentktorrentMatch3.1.1

ktorrentktorrentMatch3.1.2

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178

ktorrent.org/?q=node/23

openwall.com/lists/oss-security/2009/01/08/1

secunia.com/advisories/32442

secunia.com/advisories/32447

secunia.com/advisories/33675

secunia.com/advisories/34003

security.gentoo.org/glsa/glsa-200902-05.xml

www.securityfocus.com/bid/31927

www.ubuntu.com/usn/USN-711-1

www.vupen.com/english/advisories/2008/2911

bugs.gentoo.org/show_bug.cgi?id=244741

exchange.xforce.ibmcloud.com/vulnerabilities/46118

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for NVD:CVE-2008-5906

cvelist1 cve1 ubuntucve1 debiancve1 prion1 redhatcve1 nessus2 gentoo1 ubuntu1 openvas7