Vulnerability Name:
CVE-2001-1051 (CCN-7215)
Assigned:
2001-10-02
Published:
2001-10-02
Updated:
2017-12-19
Summary:
Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availibility (A):
Low
CVSS v2 Severity:
7.5 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
7.5 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Privileges
References:
Source: BUGTRAQ
Type: Patch, Vendor Advisory
20011002 results of semi-automatic source code audit
Source: CCN
Type: BugTraq Mailing List, Tue Oct 02 2001 - 16:59:09 CDT
results of semi-automatic source code audit
Source: MITRE
Type: CNA
CVE-2001-1048
Source: MITRE
Type: CNA
CVE-2001-1049
Source: MITRE
Type: CNA
CVE-2001-1050
Source: MITRE
Type: CNA
CVE-2001-1051
Source: MITRE
Type: CNA
CVE-2001-1052
Source: MITRE
Type: CNA
CVE-2001-1054
Source: MITRE
Type: CNA
CVE-2001-1234
Source: MITRE
Type: CNA
CVE-2001-1235
Source: MITRE
Type: CNA
CVE-2001-1236
Source: MITRE
Type: CNA
CVE-2001-1237
Source: MITRE
Type: CNA
CVE-2001-1296
Source: MITRE
Type: CNA
CVE-2001-1297
Source: MITRE
Type: CNA
CVE-2001-1298
Source: MITRE
Type: CNA
CVE-2001-1299
Source: CCN
Type: Empris Web site
Empris
Source: CCN
Type: AWOL Web site
Project details for AWOL
Source: CCN
Type: Webodex Web site
Webodex
Source: CCN
Type: myphpPagetool Web site
Welcome to myphpPagetool
Source: CCN
Type: Phorecast Web site
What is Phorecast?
Source: CCN
Type: SourceForge.net
Project: SIPS
Source: MISC
Type: Exploit, Vendor Advisory
http://sourceforge.net/tracker/index.php?func=detail&aid=440666&group_id=20971&atid=120971
Source: CCN
Type: CCCSoftware Web site
CCC
Source: CCN
Type: US-CERT VU#847803
Php variables passed from the browser are stored in global context
Source: CCN
Type: more.groupware Web site
latest news
Source: CCN
Type: OSVDB ID: 13058
Empris includedir Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 13059
CCCSoftware CCC includedir Remote File Inclusion
Source: CCN
Type: OSVDB ID: 13060
Dark Hart Portal darkportal includedir Remote File Inclusion
Source: CCN
Type: OSVDB ID: 13090
Webodex CGI Script Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1959
AWOL helperfunction.php includedir Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1960
Actionpoll includedir Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1961
ZorbStats includedir Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1962
Phorecast Arbitrary File Inclusion
Source: CCN
Type: OSVDB ID: 1963
phpAdsNew helperfunction.php Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1964
Phormation phormationdir Arbitrary File Inclusion
Source: CCN
Type: OSVDB ID: 1965
myphpPagetool helperfunction.php includedir Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1966
pSlash includedir Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 1967
Bharat Mediratta Gallery includedir Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 35356
ActionPoll actionpoll.php CONFIG_POLLDB Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 35357
ActionPoll db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 37417
ActionPoll db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion
Source: CCN
Type: OSVDB ID: 5433
More.groupware Remote File Inclusion
Source: CCN
Type: PeaceWorks Computer Consulting Web site
Phormation
Source: CCN
Type: pSlash Web site
pSlash Web Portal System
Source: CCN
Type: BID-3383
Marc Logemann More.groupware Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3384
Actionpoll Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3385
Grant Horwood Webodex Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3386
Zorbat ZorbStats Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3387
AWOL Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3388
Paul M. Jones Phorecast Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3389
CCC Remote Arbitrary Code Execution Vulnerability
Source: BID
Type: Vendor Advisory
3390
Source: CCN
Type: BID-3390
Dark Hart Portal Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3391
Empris Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3392
PHPAdsNew Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3393
Peaceworks Computer Consulting Phormation Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3394
Sebastian Bunka myphpPagetool Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3395
Derek Leung pSlash Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3396
Haakon Nilsen SIPS Remote Arbitrary Code Execution Vulnerability
Source: CCN
Type: BID-3397
Bharat Mediratta Gallery Remote Arbitrary Code Execution Vulnerability
Source: XF
Type: UNKNOWN
php-includedir-code-execution(7215)
Source: XF
Type: UNKNOWN
php-includedir-code-execution(7215)
Vulnerable Configuration:
Configuration 1
:
cpe:/a:dark_hart_portal:darkportal-unix:0.1.16:*:*:*:*:*:*:*
OR
cpe:/a:dark_hart_portal:darkportal-unix:0.1.17:*:*:*:*:*:*:*
OR
cpe:/a:dark_hart_portal:darkportal-unix:0.1.18:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:grant_horwood:webodex:1.0:*:*:*:*:*:*:*
OR
cpe:/a:zorbat:zorbstats:0.8:*:*:*:*:*:*:*
OR
cpe:/a:cccsoftware:ccc:1.03:*:*:*:*:*:*:*
OR
cpe:/a:emergenices_personnel_information_system:empris:0.4:*:*:*:*:*:*:*
OR
cpe:/a:peaceworks_computer_consulting:phormation:0.9.1:*:*:*:*:*:*:*
OR
cpe:/a:derek_leung:pslash:0.70:*:*:*:*:*:*:*
OR
cpe:/a:gallery:gallery:1.2.1:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
dark_hart_portal
darkportal-unix 0.1.16
dark_hart_portal
darkportal-unix 0.1.17
dark_hart_portal
darkportal-unix 0.1.18
grant_horwood
webodex 1.0
zorbat
zorbstats 0.8
cccsoftware
ccc 1.03
emergenices_personnel_information_system
empris 0.4
peaceworks_computer_consulting
phormation 0.9.1
derek_leung
pslash 0.70
gallery
gallery 1.2.1
Denotes that component is vulnerable