← Voltar para CVEs
CVE-2005-0269
CRITICAL9.8
Descricao
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado5/2/2005
Ultima modificacao4/16/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
sir:gnuboard
Fraquezas (CWE)
CWE-178
Referencias
http://marc.info/?l=bugtraq&m=110477648219738&w=2(cve@mitre.org)
http://secunia.com/advisories/13711(cve@mitre.org)
http://www.securityfocus.com/bid/12149(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729(cve@mitre.org)
http://marc.info/?l=bugtraq&m=110477648219738&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/13711(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12149(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.