René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00


{
"id": "CVE-2008-2717",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-06-16T22:41:00.000",
"lastModified": "2018-10-11T20:42:37.587",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."
},
{
"lang": "es",
"value": "TYPO3 versiones 4.0.x anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.7, y versiones 4.2.x anteriores a 4.2.1, utiliza un fileDenyPattern predeterminado insuficientemente restrictivo para Apache, que permite a los atacantes remotos omitir las restricciones de seguridad y cargar archivos de configuraci\u00f3n como .htaccess, o conducir ataques de carga de archivos mediante varias extensiones."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:apache_webserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DF97C8-A5E1-4091-A43D-B8F60E0313E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25EAE65C-1E17-48CD-B48C-E0BC09FB6596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "501A9157-044A-4856-8092-418D7329EED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA47174-9BC4-4B74-8618-6A7B0773553B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A13146E-EC04-4354-9123-BC7CB292C66A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F27B173-8D10-47F7-8450-F8808A918295"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0D1FAD0A-6B98-476B-BCD2-361996CA1C36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AE992D57-AF82-4BF0-96E8-98110C0AEBF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9A484F-C34D-4885-8125-D9C8725EEB4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCB2DE6-4407-4E40-8574-9C813183565B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F271C6-B5A7-4B06-A3DF-4C7F74090CC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "161E310F-F2D8-40B3-8390-8C52ACDD0B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B33D32-4D59-4768-A2C6-9DC7CD30F5E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4679B5DF-25FA-40E9-A322-DF1FF1BC7E7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "96D69530-AE74-4012-B522-01D0B6B01662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5514D17F-95A5-48C5-9F91-554F8D3C3DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E46E35EC-FF7B-4510-A5F2-FC230B7477B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "884B4418-83A4-4BCB-8019-306285EB418E"
}
]
}
]
}
],
"references": [
{
"url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/3945",
"source": "cve@mitre.org"
},
{
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2008/dsa-1596",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/29657",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2008/1802",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988",
"source": "cve@mitre.org"
}
]
}