Lucene search
Ubuntu.comUB:CVE-2008-6171HistoryFeb 19, 2009 - 12:00 a.m.
CVE-2008-6171
2009-02-1900:00:00
ubuntu.com
ubuntu.com
11
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.015
Percentile
87.1%
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when
the server is configured for “IP-based virtual hosts,” allows remote
attackers to include and execute arbitrary files via the HTTP Host header.
Notes
| Author | Note |
|---|---|
| mdeslaur | SA-2008-067 |
Related
prion
prion
Design/Logic Flaw
2009-02-19 15:30:00
Design/Logic Flaw
2009-02-19 16:30:00
cve
cve
CVE-2008-6171
2009-02-19 15:30:00
CVE-2008-6176
2009-02-19 16:30:00
cvelist
cvelist
CVE-2008-6171
2009-02-19 15:02:00
redhatcve
redhatcve
CVE-2008-6171
2019-10-04 20:58:35
CVE-2008-6176
2019-10-04 20:58:41
nvd
nvd
CVE-2008-6171
2009-02-19 15:30:00
CVE-2008-6176
2009-02-19 16:30:00
nessus
nessus
Fedora 8 : drupal-5.12-1.fc8 (2008-9170)
2008-10-27 00:00:00
Fedora 9 : drupal-6.6-1.fc9 (2008-9213)
2008-10-31 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.015
Percentile
87.1%
Related for UB:CVE-2008-6171