Web application abuses : Zeroboard < 4.1pl6 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.16178

Categoría: Web application abuses

Título: Zeroboard < 4.1pl6 Multiple Vulnerabilities - Active Check

Resumen: Zeroboard is prone to multiple vulnerabilities.

Descripción: Summary:
Zeroboard is prone to multiple vulnerabilities.

Vulnerability Insight:
The remote version of this CGI is vulnerable to multiple flaws
which may allow an attacker to execute arbitrary PHP commands on the remote host by including a
PHP file hosted on a third-party server, or to read arbitrary files with the privileges of the
remote web server.

Affected Software/OS:
Zeroboard prior to version 4.1pl6.

Solution:
Update to version 4.1pl6 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0379
BugTraq ID: 12257
http://www.securityfocus.com/bid/12257
Bugtraq: 20050113 STG Security Advisory: [SSA-20050113-25] ZeroBoard multiple vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110565373407474&w=2
http://securitytracker.com/id?1012884
XForce ISS Database: zeroboard-file-disclosure(18891)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18891
Common Vulnerability Exposure (CVE) ID: CVE-2005-0380
BugTraq ID: 12206
http://www.securityfocus.com/bid/12206
BugTraq ID: 12258
http://www.securityfocus.com/bid/12258
http://www.osvdb.org/12928
http://www.osvdb.org/12929
http://www.osvdb.org/12930
http://www.osvdb.org/12931
http://www.osvdb.org/12932
http://secunia.com/advisories/13769
XForce ISS Database: zeroboard-printcategory-file-include(18892)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18892
XForce ISS Database: zeroboard-zero-vote-file-include(18893)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18893

Copyright Copyright (C) 2005 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.16178
Categoría:	Web application abuses
Título:	Zeroboard < 4.1pl6 Multiple Vulnerabilities - Active Check
Resumen:	Zeroboard is prone to multiple vulnerabilities.
Descripción:	Summary: Zeroboard is prone to multiple vulnerabilities. Vulnerability Insight: The remote version of this CGI is vulnerable to multiple flaws which may allow an attacker to execute arbitrary PHP commands on the remote host by including a PHP file hosted on a third-party server, or to read arbitrary files with the privileges of the remote web server. Affected Software/OS: Zeroboard prior to version 4.1pl6. Solution: Update to version 4.1pl6 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0379 BugTraq ID: 12257 http://www.securityfocus.com/bid/12257 Bugtraq: 20050113 STG Security Advisory: [SSA-20050113-25] ZeroBoard multiple vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110565373407474&w=2 http://securitytracker.com/id?1012884 XForce ISS Database: zeroboard-file-disclosure(18891) https://exchange.xforce.ibmcloud.com/vulnerabilities/18891 Common Vulnerability Exposure (CVE) ID: CVE-2005-0380 BugTraq ID: 12206 http://www.securityfocus.com/bid/12206 BugTraq ID: 12258 http://www.securityfocus.com/bid/12258 http://www.osvdb.org/12928 http://www.osvdb.org/12929 http://www.osvdb.org/12930 http://www.osvdb.org/12931 http://www.osvdb.org/12932 http://secunia.com/advisories/13769 XForce ISS Database: zeroboard-printcategory-file-include(18892) https://exchange.xforce.ibmcloud.com/vulnerabilities/18892 XForce ISS Database: zeroboard-zero-vote-file-include(18893) https://exchange.xforce.ibmcloud.com/vulnerabilities/18893
Copyright	Copyright (C) 2005 David Maciejak