Vulnerability CVE-2005-3543 - CERT Civis.Net

Vulnerability Name:

CVE-2005-3543 (CCN-22996)

Assigned:

2005-11-07

Published:

2005-11-07

Updated:

2016-10-18

Summary:

SQL injection vulnerability in search.php in Phorum 5.0.0alpha through 5.0.20, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the forum_ids parameter.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Data Manipulation

References:

Source: MITRE
Type: CNA
CVE-2005-3543

Source: BUGTRAQ
Type: UNKNOWN
20051104 [waraxe-2005-SA#043] - Sql injection in Phorum 5.0.20 and earlier

Source: CCN
Type: Phorum Web site
Phorum: PHP Message Board

Source: CONFIRM
Type: UNKNOWN
http://phorum.org/story.php?57

Source: CCN
Type: SA17456
Phorum "forum_ids[]" SQL Injection Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
17456

Source: SREASON
Type: UNKNOWN
153

Source: OSVDB
Type: UNKNOWN
20524

Source: CCN
Type: OSVDB ID: 20524
Phorum search.php forum_ids Parameter SQL Injection

Source: VUPEN
Type: UNKNOWN
ADV-2005-2332

Source: CCN
Type: Waraxe IT Security Portal - Original Advisory
Sql injection in Phorum 5.0.20 and earlier

Source: MISC
Type: Exploit, Patch, Vendor Advisory
http://www.waraxe.us/advisory-43.html

Source: XF
Type: UNKNOWN
phorum-search-sql-injection(22996)

Vulnerable Configuration:

Configuration 1:

cpe:/a:phorum:phorum:5.0.0_alpha:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.1_alpha:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.2_alpha:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.3_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.4_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.4a_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.5_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.6_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.7_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.7a_beta:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.8_rc:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.9:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.10:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.11:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.12:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.13:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.13a:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.14:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.14a:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.15:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.16:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.17:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.18:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.19:*:*:*:*:*:*:*

OR cpe:/a:phorum:phorum:5.0.20:*:*:*:*:*:*:*

Denotes that component is vulnerable