← Zuruck zu CVEs
CVE-2005-0269
CRITICAL9.8
Beschreibung
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht5/2/2005
Zuletzt geandert4/3/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
sir:gnuboard
Schwachen (CWE)
CWE-178
Referenzen
http://marc.info/?l=bugtraq&m=110477648219738&w=2(cve@mitre.org)
http://secunia.com/advisories/13711(cve@mitre.org)
http://www.securityfocus.com/bid/12149(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729(cve@mitre.org)
http://marc.info/?l=bugtraq&m=110477648219738&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/13711(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12149(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.