| Vulnerability Name: | CVE-2004-1020 (CCN-18516) |
| Assigned: | 2004-12-15 |
| Published: | 2004-12-15 |
| Updated: | 2017-07-11 |
| Summary: | The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism.
Note: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
|
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): Low
Integrity (I): None
Availibility (A): None |
|
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None |
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None |
|
| Vulnerability Type: | CWE-Other
|
| Vulnerability Consequences: | Obtain Information |
| References: | Source: CCN
Type: BugTraq Mailing List, Wed Dec 15 2004 - 12:46:20 CST
Advisory 01/2004: Multiple vulnerabilities in PHP 4/5
Source: CCN
Type: BugTraq Mailing List, Thu Dec 16 2004 - 08:09:55 CST
PHP Input Validation Vulnerabilities
Source: MITRE
Type: CNA
CVE-2004-1020
Source: CONECTIVA
Type: UNKNOWN
CLA-2005:915
Source: CCN
Type: CIAC Information Bulletin P-116
Apple Security Update 2005-001 for Mac OS X
Source: CCN
Type: GLSA-200412-14
PHP: Multiple vulnerabilities
Source: GENTOO
Type: Vendor Advisory
GLSA-200412-14
Source: MANDRAKE
Type: UNKNOWN
MDKSA-2004:151
Source: CCN
Type: OpenPKG-SA-2004.053
PHP
Source: CCN
Type: OSVDB ID: 12600
PHP addslashes() NULL Byte Bypass
Source: CCN
Type: PHP Web site
PHP 4.3.10 Release Announcement
Source: CONFIRM
Type: Vendor Advisory
http://www.php.net/release_4_3_10.php
Source: HP
Type: UNKNOWN
HPSBMA01212
Source: BUGTRAQ
Type: Exploit, Vendor Advisory
20041216 PHP Input Validation Vulnerabilities
Source: BID
Type: Exploit, Patch
11981
Source: CCN
Type: BID-11981
PHP Multiple Remote Vulnerabilities
Source: XF
Type: UNKNOWN
php-addslashes-view-files(18516)
Source: XF
Type: UNKNOWN
php-addslashes-view-files(18516)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:php:php:4.3.6:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.7:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.8:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.9:*:*:*:*:*:*:*OR cpe:/a:php:php:5.0:rc1:*:*:*:*:*:*OR cpe:/a:php:php:5.0:rc2:*:*:*:*:*:*OR cpe:/a:php:php:5.0:rc3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.1:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.2:-:*:*:*:*:*:*
Configuration CCN 1:
cpe:/a:php:php:4.0.5:-:*:*:*:*:*:*OR cpe:/a:php:php:4.1.1:*:*:*:*:*:*:*OR cpe:/a:php:php:4.2.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.2.1:-:*:*:*:*:*:*OR cpe:/a:php:php:4.2.3:-:*:*:*:*:*:*OR cpe:/a:php:php:4.2.2:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.4:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.9:*:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.3:-:*:*:*:*:*:*OR cpe:/a:php:php:5.0.2:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.0:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0.1:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.2:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0.3:*:*:*:*:*:*:*OR cpe:/a:php:php:4.0.4:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.6:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0.7:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta1:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta2:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta3:*:*:*:*:*:*OR cpe:/a:php:php:4.0:beta4:*:*:*:*:*:*OR cpe:/a:php:php:4.1.0:-:*:*:*:*:*:*OR cpe:/a:php:php:4.1.2:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.1:*:*:*:*:*:*:*OR cpe:/a:php:php:4.3.2:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.5:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.6:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.7:-:*:*:*:*:*:*OR cpe:/a:php:php:4.3.8:*:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta1:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta2:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:beta4:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc1:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc2:*:*:*:*:*:*OR cpe:/a:php:php:5.0.0:rc3:*:*:*:*:*:*OR cpe:/a:php:php:5.0.1:-:*:*:*:*:*:*OR cpe:/a:php:php:4.0:rc1:*:*:*:*:*:*OR cpe:/a:php:php:4.0:rc2:*:*:*:*:*:*AND cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*OR cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:*OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |