CVE-2004-1620

CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.s9y.org/5.html	Exploit Patch Vendor Advisory
http://www.securityfocus.com/bid/11497	Exploit Patch Vendor Advisory
http://secunia.com/advisories/12909/	Exploit Patch Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=276694
http://www.osvdb.org/11013
http://www.osvdb.org/11038
http://www.osvdb.org/11039
http://securitytracker.com/id?1011864
http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup
http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup
http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup
http://marc.info/?l=bugtraq&m=109841283115808&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/17798

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:s9y:serendipity:0.6_pl3:::::::*
	cpe:2.3:a:s9y:serendipity:0.6_rc1:::::::*
	cpe:2.3:a:s9y:serendipity:0.5:::::::*
	cpe:2.3:a:s9y:serendipity:0.5_pl1:::::::*
	cpe:2.3:a:s9y:serendipity:0.6:::::::*
	cpe:2.3:a:s9y:serendipity:0.7_beta2:::::::*
	cpe:2.3:a:s9y:serendipity:0.7_beta3:::::::*
	cpe:2.3:a:s9y:serendipity:0.6_pl1:::::::*
	cpe:2.3:a:s9y:serendipity:0.6_pl2:::::::*
	cpe:2.3:a:s9y:serendipity:0.7_beta4:::::::*
	cpe:2.3:a:s9y:serendipity:0.3:::::::*
	cpe:2.3:a:s9y:serendipity:0.4:::::::*
	cpe:2.3:a:s9y:serendipity:0.7_beta1:::::::*
	cpe:2.3:a:s9y:serendipity:0.6_rc2:::::::*

Information

Published : 2004-10-20 21:00

Updated : 2017-07-10 18:31

NVD link : CVE-2004-1620

Mitre link : CVE-2004-1620

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

s9y

serendipity

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.s9y.org/5.html", "name": "http://www.s9y.org/5.html", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/11497", "name": "11497", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/12909/", "name": "12909", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=276694", "name": "http://sourceforge.net/project/shownotes.php?release_id=276694", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.osvdb.org/11013", "name": "11013", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.osvdb.org/11038", "name": "11038", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.osvdb.org/11039", "name": "11039", "tags": [], "refsource": "OSVDB"}, {"url": "http://securitytracker.com/id?1011864", "name": "1011864", "tags": [], "refsource": "SECTRACK"}, {"url": "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup", "name": "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup", "tags": [], "refsource": "CONFIRM"}, {"url": "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup", "name": "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup", "tags": [], "refsource": "CONFIRM"}, {"url": "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup", "name": "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup", "tags": [], "refsource": "CONFIRM"}, {"url": "http://marc.info/?l=bugtraq&m=109841283115808&w=2", "name": "20041021 HTTP Response Splitting in Serendipity 0.7-beta4", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17798", "name": "serendipity-response-splitting(17798)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-1620", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-10-21T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.6_pl3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.6_rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.5_pl1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.7_beta2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.7_beta3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.6_pl1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.6_pl2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.7_beta4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.7_beta1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:s9y:serendipity:0.6_rc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:31Z"}