Search...

Discuz! File Extension Validation Failure Arbitrary Command Execution

2005-08-12T12:13:36

ID OSVDB:18771
Type osvdb
Reporter OSVDB
Modified 2005-08-12T12:13:36

Description

No description provided by the source

References:

Vendor URL: http://www.discuz.com/ Security Tracker: 1014673 Secunia Advisory ID:16433 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0440.html Keyword: SSA-20050812-27 CVE-2005-2614

JSON Vulners Source

Initial Source

{"type": "osvdb", "published": "2005-08-12T12:13:36", "href": "https://vulners.com/osvdb/OSVDB:18771", "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "a0e8aa212ce2ab84b3f169848978ecb7"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "c8117c547d87bc943c8de01f7333eb60"}, {"key": "href", "hash": "14c3229fd78187767826011f01d0f31c"}, {"key": "modified", "hash": "13ce0073060b34388edca73ada46b428"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "13ce0073060b34388edca73ada46b428"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "7564633ec161df2d5f2158177df4920b"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 7.5}, "viewCount": 0, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "OSVDB", "title": "Discuz! File Extension Validation Failure Arbitrary Command Execution", "affectedSoftware": [], "enchantments": {"vulnersScore": 7.5}, "references": [], "id": "OSVDB:18771", "hash": "1e4164c1e5b6f3ff5e61d1222a59c42d8140d0cf1842b26af6c31a8d3bcb1b86", "lastseen": "2017-04-28T13:20:15", "cvelist": ["CVE-2005-2614"], "modified": "2005-08-12T12:13:36", "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.discuz.com/\nSecurity Tracker: 1014673\n[Secunia Advisory ID:16433](https://secuniaresearch.flexerasoftware.com/advisories/16433/)\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0440.html\nKeyword: SSA-20050812-27\n[CVE-2005-2614](https://vulners.com/cve/CVE-2005-2614)\n"}

{"result": {"cve": [{"id": "CVE-2005-2614", "type": "cve", "title": "CVE-2005-2614", "description": "Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing \".php.rar\" or other multiple extensions that include .php.", "published": "2005-08-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2614", "cvelist": ["CVE-2005-2614"], "lastseen": "2016-09-03T05:43:03"}], "nessus": [{"id": "DISCUZ_ARBITRARY_FILE_UPLOAD_FLAW.NASL", "type": "nessus", "title": "Discuz! <= 4.0.0 rc4 Arbitrary File Upload", "description": "The remote host is using Discuz!, a popular web application forum in China. \n\nAccording to its version, the installation of Discuz! on the remote host fails to properly check for multiple extensions in uploaded files. An attacker may be able to exploit this issue to execute arbitrary commands on the remote host subject to the privileges of the web server user id.", "published": "2005-09-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19751", "cvelist": ["CVE-2005-2614"], "lastseen": "2018-06-14T07:31:47"}], "openvas": [{"id": "OPENVAS:19751", "type": "openvas", "title": "Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw", "description": "The remote host is using Discuz!, a popular web application forum in\nChina. \n\nAccording to its version, the installation of Discuz! on the remote host\nfails to properly check for multiple extensions in uploaded files. An\nattacker may be able to exploit this issue to execute arbitrary commands\non the remote host subject to the privileges of the web server user id,\ntypically nobody.", "published": "2006-03-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=19751", "cvelist": ["CVE-2005-2614"], "lastseen": "2017-07-02T21:10:05"}, {"id": "OPENVAS:136141256231019751", "type": "openvas", "title": "Discuz! <= 4.0.0 rc4 Arbitrary File Upload Flaw", "description": "The remote host is using Discuz!, a popular web application forum in\nChina. \n\nAccording to its version, the installation of Discuz! on the remote host\nfails to properly check for multiple extensions in uploaded files. An\nattacker may be able to exploit this issue to execute arbitrary commands\non the remote host subject to the privileges of the web server user id,\ntypically nobody.", "published": "2006-03-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231019751", "cvelist": ["CVE-2005-2614"], "lastseen": "2018-04-06T11:15:46"}]}}