Vulnerability CVE-2005-1180 - CERT Civis.Net

Vulnerability Name:

CVE-2005-1180 (CCN-20116)

Assigned:

2005-04-13

Published:

2005-04-13

Updated:

2017-07-11

Summary:

HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: CCN
Type: BugTraq Mailing List, Fri Apr 15 2005 - 22:30:18 CDT
Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below

Source: MITRE
Type: CNA
CVE-2005-1180

Source: BUGTRAQ
Type: UNKNOWN
20050415 Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below

Source: CCN
Type: PHP-NUKE
PHP-NUKE the future of the web..

Source: CCN
Type: SA14965
PHP-Nuke "forwarder" Parameter HTTP Response Splitting

Source: SECUNIA
Type: UNKNOWN
14965

Source: MISC
Type: Exploit, Vendor Advisory
http://www.digitalparadox.org/advisories/pnuke.txt

Source: OSVDB
Type: UNKNOWN
15647

Source: CCN
Type: OSVDB ID: 15647
PHP-Nuke modules.php forwarder Parameter Header/Body XSS

Source: CCN
Type: HTTP RESPONSE SPLITTING
DCrab's advisory- PHP-Nuke HTTP RESPONSE SPLITTING

Source: CCN
Type: BID-13201
PHP-Nuke Surveys Module HTTP Response Splitting Vulnerability

Source: XF
Type: UNKNOWN
php-nuke-http-response-splitting(20116)

Source: XF
Type: UNKNOWN
php-nuke-http-response-splitting(20116)

Vulnerable Configuration:

Configuration 1:

cpe:/a:francisco_burzi:php-nuke:*:*:*:*:*:*:*:* (Version <= 7.5)

OR cpe:/a:francisco_burzi:php-nuke:7.6:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:phpnuke:php-nuke:7.0:*:*:*:*:*:*:*

OR cpe:/a:phpnuke:php-nuke:7.4:*:*:*:*:*:*:*

OR cpe:/a:phpnuke:php-nuke:7.6:*:*:*:*:*:*:*

OR cpe:/a:phpnuke:php-nuke:7.5:*:*:*:*:*:*:*

OR cpe:/a:phpnuke:php-nuke:7.1:*:*:*:*:*:*:*

OR cpe:/a:phpnuke:php-nuke:7.2:*:*:*:*:*:*:*

OR cpe:/a:phpnuke:php-nuke:7.3:*:*:*:*:*:*:*

Denotes that component is vulnerable