| Vulnerability Name: | CVE-2004-2044 (CCN-16294) | ||||||||
| Assigned: | 2004-06-01 | ||||||||
| Published: | 2004-06-01 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: BUGTRAQ Type: UNKNOWN 20040601 [Squid 2004-betaNC-001] Inadequate Security Checking in NukeCops betaNC Bundle Source: BUGTRAQ Type: UNKNOWN 20040601 [Squid 2004-OSC2Nuke-001] Inadequate Security Checking in OSC2Nuke Source: CCN Type: BugTraq Mailing List, Tue Jun 01 2004 - 13:40:35 CDT Inadequate Security Checking in PHPNuke v7.3 and earlier Source: MITRE Type: CNA CVE-2004-2044 Source: BUGTRAQ Type: UNKNOWN 20040601 [Squid 2004-betaNC-001] Inadequate Security Checking in NukeCops Source: BUGTRAQ Type: UNKNOWN 20040601 [Squid 2004-Nuke-001] Inadequate Security Checking in PHPNuke Source: BUGTRAQ Type: UNKNOWN 20040606 Re: [Squid 2004-Nuke-001] Inadequate Security Checking in PHPNuke Source: CCN Type: PHP-Nuke Web site PHP-Nuke Source: CCN Type: SA11766 PHP-Nuke Direct Script Access Restriction Bypass Weakness Source: SECUNIA Type: Vendor Advisory 11766 Source: OSVDB Type: Vendor Advisory 6593 Source: CCN Type: OSVDB ID: 6593 PHP-Nuke eregi() Function Calling Script Access Path Disclosure Source: BID Type: Exploit, Vendor Advisory 10447 Source: CCN Type: BID-10447 PHP-Nuke Direct Script Access Security Bypass Vulnerability Source: XF Type: UNKNOWN phpnuke-eregi-path-disclosure(16294) Source: XF Type: UNKNOWN phpnuke-eregi-path-disclosure(16294) Source: XF Type: UNKNOWN osc2nuke-eregi-path-disclosure(16296) Source: XF Type: UNKNOWN oscnukelite-eregi-path-disclosure(16297) Source: XF Type: UNKNOWN nukecops-ergei-path-disclosure(16298) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-2004-2044 (CCN-16296) | ||||||||
| Assigned: | 2004-06-01 | ||||||||
| Published: | 2004-06-01 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jun 01 2004 - 13:42:15 CDT Inadequate Security Checking in OSC2Nuke Source: MITRE Type: CNA CVE-2004-2044 Source: CCN Type: SA11766 PHP-Nuke Direct Script Access Restriction Bypass Weakness Source: CCN Type: osc2nuke Web site osc2nuke Source: CCN Type: OSVDB ID: 6593 PHP-Nuke eregi() Function Calling Script Access Path Disclosure Source: CCN Type: BID-10447 PHP-Nuke Direct Script Access Security Bypass Vulnerability Source: XF Type: UNKNOWN osc2nuke-eregi-path-disclosure(16296) | ||||||||
| Vulnerability Name: | CVE-2004-2044 (CCN-16297) | ||||||||
| Assigned: | 2004-06-01 | ||||||||
| Published: | 2004-06-01 | ||||||||
| Updated: | 2004-06-01 | ||||||||
| Summary: | Oscnukelite could allow a remote attacker to obtain sensitive information. oc2nuke has an internal security checking mechanism that uses the eregi function. A remote attacker could send a specially-crafted URL request to multiple scripts to bypass the security checking mechanism and cause the program to disclose the full installation path. Certain scripts will disclose the full installation path and continue to execute, allowing the attacker to gain access to restricted areas or possibly allow SQL injection. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jun 01 2004 - 13:42:15 CDT Inadequate Security Checking in OSC2Nuke Source: MITRE Type: CNA CVE-2004-2044 Source: CCN Type: SA11766 PHP-Nuke Direct Script Access Restriction Bypass Weakness Source: CCN Type: Osc Nuke Lite Web site Osc Nuke Lite [PHPNuke Final + Oscommerce2.2]oscommerce at it's finest Source: CCN Type: OSVDB ID: 6593 PHP-Nuke eregi() Function Calling Script Access Path Disclosure Source: CCN Type: BID-10447 PHP-Nuke Direct Script Access Security Bypass Vulnerability Source: XF Type: UNKNOWN oscnukelite-eregi-path-disclosure(16297) | ||||||||
| Vulnerability Name: | CVE-2004-2044 (CCN-16298) | ||||||||
| Assigned: | 2004-06-01 | ||||||||
| Published: | 2004-06-01 | ||||||||
| Updated: | 2004-06-01 | ||||||||
| Summary: | Nuke Cops could allow a remote attacker to obtain sensitive information. Nuke Cops has an internal security checking mechanism that uses the eregi function. A remote attacker could send a specially-crafted URL request to multiple scripts to bypass the security checking mechanism and cause the program to disclose the full installation path. Certain scripts will disclose the full installation path and continue to execute, allowing the attacker to gain access to restricted areas or possibly allow SQL injection. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jun 01 2004 - 13:41:27 CDT Inadequate Security Checking in NukeCops betaNC Bundle Source: MITRE Type: CNA CVE-2004-2044 Source: CCN Type: SA11766 PHP-Nuke Direct Script Access Restriction Bypass Weakness Source: CCN Type: Nuke Cops Nuke Cops Web site Source: CCN Type: OSVDB ID: 6593 PHP-Nuke eregi() Function Calling Script Access Path Disclosure Source: CCN Type: BID-10447 PHP-Nuke Direct Script Access Security Bypass Vulnerability Source: XF Type: UNKNOWN nukecops-ergei-path-disclosure(16298) | ||||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||