Vulnerability-Lookup

CNVD-2020-00226

Vulnerability from cnvd - Published: 2020-01-02

Title

Mellow Fish YetiShare存在未明漏洞（CNVD-2020-00226）

Description

Mellow Fish YetiShare是英国Mellow Fish公司的一套基于PHP的文件托管网站系统脚本。 Mellow Fish YetiShare 3.5.2版本至4.5.3版本中的class.userpeer.php文件存在安全漏洞，该漏洞源于程序使用不安全的方法创建了密码重置哈希值。攻击者可利用该漏洞猜出哈希值并设置密码。

Severity

中

Formal description

目前厂商尚未提供相关漏洞补丁，请关注厂商主页随时更新： https://mfscripts.com/

Reference

https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459 https://github.com/jra89/CVE-2019-19735

Impacted products

Name
Mellow Fish Mellow Fish YetiShare >=3.5.2，<=4.5.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-19735"
    }
  },
  "description": "Mellow Fish YetiShare\u662f\u82f1\u56fdMellow Fish\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8ePHP\u7684\u6587\u4ef6\u6258\u7ba1\u7f51\u7ad9\u7cfb\u7edf\u811a\u672c\u3002\n\nMellow Fish YetiShare 3.5.2\u7248\u672c\u81f34.5.3\u7248\u672c\u4e2d\u7684class.userpeer.php\u6587\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e0d\u5b89\u5168\u7684\u65b9\u6cd5\u521b\u5efa\u4e86\u5bc6\u7801\u91cd\u7f6e\u54c8\u5e0c\u503c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u731c\u51fa\u54c8\u5e0c\u503c\u5e76\u8bbe\u7f6e\u5bc6\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u76f8\u5173\u6f0f\u6d1e\u8865\u4e01\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u968f\u65f6\u66f4\u65b0\uff1a\r\nhttps://mfscripts.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-00226",
  "openTime": "2020-01-02",
  "products": {
    "product": "Mellow Fish Mellow Fish YetiShare \u003e=3.5.2\uff0c\u003c=4.5.3"
  },
  "referenceLink": "https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459\r\nhttps://github.com/jra89/CVE-2019-19735",
  "serverity": "\u4e2d",
  "submitTime": "2019-12-31",
  "title": "Mellow Fish YetiShare\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-00226\uff09"
}

CVE-2019-19735 (GCVE-0-2019-19735)

Vulnerability from cvelistv5 – Published: 2019-12-30 17:00 – Updated: 2024-08-05 02:25

Summary

class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://medium.com/%40jra8908/yetishare-3-5-2-4-5…	x_refsource_MISC
	https://github.com/jra89/CVE-2019-19735	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:25:12.656Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://medium.com/%40jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/jra89/CVE-2019-19735"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-30T17:00:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://medium.com/%40jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jra89/CVE-2019-19735"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19735",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an insecure method of creating password reset hashes (based only on microtime), which allows an attacker to guess the hash and set the password within a few hours by bruteforcing."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459",
              "refsource": "MISC",
              "url": "https://medium.com/@jra8908/yetishare-3-5-2-4-5-3-multiple-vulnerabilities-2d01d0cd7459"
            },
            {
              "name": "https://github.com/jra89/CVE-2019-19735",
              "refsource": "MISC",
              "url": "https://github.com/jra89/CVE-2019-19735"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19735",
    "datePublished": "2019-12-30T17:00:02",
    "dateReserved": "2019-12-11T00:00:00",
    "dateUpdated": "2024-08-05T02:25:12.656Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-00226

CVE-2019-19735 (GCVE-0-2019-19735)

Tags

Sightings

Nomenclature