ID

VAR-200406-0051


CVE

CVE-2004-2044


TITLE

PHP-Nuke Direct Script Access Security Bypass Vulnerability

Trust: 0.9

sources: BID: 10447 // CNNVD: CNNVD-200406-037

DESCRIPTION

PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x, do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. PHP-Nuke is affected by a direct script access security vulnerability. This issue is due to a failure to properly validate the location and name of the file being accessed. It allows an attacker to gain access to sensitive scripts such as the 'admin.php' script. The attacker may be able to exploit this unauthorized access to carry out attacks against the affected application. PHP-Nuke is a popular website creation and management tool; it can use many database systems as a backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc.

Trust: 1.26

sources: NVD: CVE-2004-2044 // BID: 10447 // VULHUB: VHN-10472

AFFECTED PRODUCTS

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.2

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.1

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.0

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.0

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.6

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.4

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.3.1

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.2a

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.5

Trust: 1.6

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.1

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.3

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.2

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5_final

Trust: 1.0

vendor: trustix, model: secure linux, scope: eq, version: 2.1

Trust: 1.0

vendor: paul laudanski, model: betanc php-nuke, scope: eq, version: bundle

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.6

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5_beta1

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.0

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 5.0.1

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5_rc3

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5_rc2

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.5_rc1

Trust: 1.0

vendor: trustix, model: secure linux, scope: eq, version: 2.0

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.9

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 6.7

Trust: 1.0

vendor: oscommerce, model: osc2nuke, scope: eq, version: 7x_1.0

Trust: 1.0

vendor: francisco burzi, model: php-nuke, scope: eq, version: 7.0_final

Trust: 1.0

vendor: paul, model: laudanski betanc php-nuke bundle, scope: -, version: -

Trust: 0.3

vendor: oscommerce, model: osc2nuke, scope: eq, version: 7x1.0

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.3

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.2

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.1

Trust: 0.3

vendor: francisco, model: burzi php-nuke final, scope: eq, version: 7.0

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 7.0

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.9

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.7

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.6

Trust: 0.3

vendor: francisco, model: burzi php-nuke rc3, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke rc2, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke rc1, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke final, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke beta, scope: eq, version: 6.51

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 6.0

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.6

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.5

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.4

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.3.1

Trust: 0.3

vendor: francisco, model: burzi php-nuke a, scope: eq, version: 5.2

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.2

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.1

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.0.1

Trust: 0.3

vendor: francisco, model: burzi php-nuke, scope: eq, version: 5.0

Trust: 0.3

sources: BID: 10447 // CNNVD: CNNVD-200406-037 // NVD: CVE-2004-2044

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-2044
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200406-037
value: HIGH

Trust: 0.6

VULHUB: VHN-10472
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-2044
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10472
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10472 // CNNVD: CNNVD-200406-037 // NVD: CVE-2004-2044

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2044

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200406-037

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200406-037

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-10472

EXTERNAL IDS

db: BID, id: 10447

Trust: 2.0

db: NVD, id: CVE-2004-2044

Trust: 1.7

db: OSVDB, id: 6593

Trust: 1.7

db: SECUNIA, id: 11766

Trust: 1.7

db: CNNVD, id: CNNVD-200406-037

Trust: 0.7

db: XF, id: 2

Trust: 0.6

db: XF, id: 16294

Trust: 0.6

db: XF, id: 16298

Trust: 0.6

db: XF, id: 16297

Trust: 0.6

db: XF, id: 16296

Trust: 0.6

db: BUGTRAQ, id: 20040601 [SQUID 2004-OSC2NUKE-001] INADEQUATE SECURITY CHECKING IN OSC2NUKE

Trust: 0.6

db: BUGTRAQ, id: 20040601 [SQUID 2004-BETANC-001] INADEQUATE SECURITY CHECKING IN NUKECOPS BETANC BUNDLE

Trust: 0.6

db: BUGTRAQ, id: 20040601 [SQUID 2004-BETANC-001] INADEQUATE SECURITY CHECKING IN NUKECOPS

Trust: 0.6

db: BUGTRAQ, id: 20040601 [SQUID 2004-NUKE-001] INADEQUATE SECURITY CHECKING IN PHPNUKE

Trust: 0.6

db: BUGTRAQ, id: 20040606 RE: [SQUID 2004-NUKE-001] INADEQUATE SECURITY CHECKING IN PHPNUKE

Trust: 0.6

db: SEEBUG, id: SSVID-77899

Trust: 0.1

db: EXPLOIT-DB, id: 24166

Trust: 0.1

db: VULHUB, id: VHN-10472

Trust: 0.1

sources: VULHUB: VHN-10472 // BID: 10447 // CNNVD: CNNVD-200406-037 // NVD: CVE-2004-2044

REFERENCES

url:http://www.securityfocus.com/bid/10447

Trust: 1.7

url:http://archives.neohapsis.com/archives/bugtraq/2004-06/0006.html

Trust: 1.7

url:http://archives.neohapsis.com/archives/bugtraq/2004-06/0005.html

Trust: 1.7

url:http://www.osvdb.org/6593

Trust: 1.7

url:http://secunia.com/advisories/11766

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16298

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16296

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16297

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16294

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=108611606320559&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=108611643614881&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=108662955105757&w=2

Trust: 1.0

url:http://xforce.iss.net/xforce/xfdb/16298

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/16297

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/16296

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/16294

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=108662955105757&w=2

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=108611643614881&w=2

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=108611606320559&w=2

Trust: 0.6

url:http://www.oscommerce.com

Trust: 0.3

url:http://www.irannuke.com/

Trust: 0.3

url:/archive/1/364840

Trust: 0.3

url:/archive/1/364842

Trust: 0.3

url:/archive/1/364847

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=108611643614881&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=108611606320559&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=108662955105757&w=2

Trust: 0.1

sources: VULHUB: VHN-10472 // BID: 10447 // CNNVD: CNNVD-200406-037 // NVD: CVE-2004-2044

CREDITS

Squid squidsecurity@hushmail.com

Trust: 0.6

sources: CNNVD: CNNVD-200406-037

SOURCES

db: VULHUB, id: VHN-10472
db: BID, id: 10447
db: CNNVD, id: CNNVD-200406-037
db: NVD, id: CVE-2004-2044

LAST UPDATE DATE

2024-08-14T13:13:24.202000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-10472, date: 2017-07-11T00:00:00
db: BID, id: 10447, date: 2004-06-01T00:00:00
db: CNNVD, id: CNNVD-200406-037, date: 2005-10-20T00:00:00
db: NVD, id: CVE-2004-2044, date: 2017-07-11T01:31:34.967

SOURCES RELEASE DATE

db: VULHUB, id: VHN-10472, date: 2004-06-01T00:00:00
db: BID, id: 10447, date: 2004-06-01T00:00:00
db: CNNVD, id: CNNVD-200406-037, date: 2004-06-01T00:00:00
db: NVD, id: CVE-2004-2044, date: 2004-06-01T04:00:00