ID CVE-2005-3820
Summary Multiple directory traversal vulnerabilities in index.php in vTiger CRM 4.2 and earlier allow remote attackers to read or include arbitrary files, an ultimately execute arbitrary PHP code, via .. (dot dot) and null byte ("%00") sequences in the (1) module parameter and (2) action parameter in the Leads module, as also demonstrated by injecting PHP code into log messages and accessing the log file.
References
Vulnerable Configurations
  • cpe:2.3:a:vtiger:vtiger_crm:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:3.0:-:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:3.0:beta:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:3.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4:beta:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4:beta:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4:beta:*:it:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4:beta:*:it:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4:rc1:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.0:-:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.0:beta:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.2:*:validation:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.2:*:validation:*:*:*:*:*
  • cpe:2.3:a:vtiger:vtiger_crm:4.2:patch1:*:*:*:*:*:*
    cpe:2.3:a:vtiger:vtiger_crm:4.2:patch1:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 19-10-2018 - 15:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
refmap via4
bid
  • 15562
  • 15569
bugtraq
  • 20051124 Advisory 23/2005: vTiger multiple vulnerabilities
  • 20051125 SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM
fulldisc 20051125 SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM
misc http://www.hardened-php.net/advisory_232005.105.html
sectrack
  • 1015271
  • 1015274
secunia 17693
vupen ADV-2005-2569
Last major update 19-10-2018 - 15:39
Published 26-11-2005 - 02:03
Last modified 19-10-2018 - 15:39
Back to Top