CVE-2006-2770 - Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globa

CVE-2006-2770

Summary

Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0]. Successful exploitation requires that "register_globals" is enabled.

References

Vulnerable Configurations

cpe:2.3:a:pppblog:pppblog:*:*:*:*:*:*:*:*
cpe:2.3:a:pppblog:pppblog:*:*:*:*:*:*:*:*

CVSS

Base:	5.4 (as of 18-10-2018 - 16:41)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	NONE	NONE

cvss-vector via4

AV:N/AC:H/Au:N/C:C/I:N/A:N

refmap via4

bid	18189
bugtraq	20060530 pppBlog <= 0.3.8 administrative credentials/system disclosure
misc	http://retrogod.altervista.org/pppblog_038_xpl.html
sectrack	1016198
secunia	20375
sreason	1015
vupen	ADV-2006-2085
xf	pppblog-randompic-directory-traversal(26969)

Last major update

18-10-2018 - 16:41

Published

02-06-2006 - 10:18

Last modified

18-10-2018 - 16:41