CVE-2005-1932

Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034414.html	Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034415.html	Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034419.html
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034417.html	Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034416.html	Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034418.html	Vendor Advisory
http://www.lpanel.net/changelog.php
http://www.securityfocus.com/bid/13869	Patch
http://secunia.com/advisories/15589/	Vendor Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:lpanel:lpanel:1.594:::::::*
	cpe:2.3:a:lpanel:lpanel:1.596:::::::*
	cpe:2.3:a:lpanel:lpanel:1.59:::::::*
	cpe:2.3:a:lpanel:lpanel:1.593:::::::*

Information

Published : 2005-07-04 21:00

Updated : 2008-09-05 13:50

NVD link : CVE-2005-1932

Mitre link : CVE-2005-1932

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

lpanel

lpanel

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034414.html", "name": "20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to close any support ticket within the system.", "tags": ["Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034415.html", "name": "20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to open any support ticket within the system.", "tags": ["Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034419.html", "name": "20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to reset the DNS information of any domain name managed by the system.", "tags": [], "refsource": "FULLDISC"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034417.html", "name": "20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to the unauthorized viewing of client invoice information.", "tags": ["Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034416.html", "name": "20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to unauthorized domain management access.", "tags": ["Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034418.html", "name": "20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to respond to any support ticket on the system.", "tags": ["Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://www.lpanel.net/changelog.php", "name": "http://www.lpanel.net/changelog.php", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/13869", "name": "13869", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/15589/", "name": "15589", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-1932", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-07-05T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:lpanel:lpanel:1.594:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:lpanel:lpanel:1.596:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:lpanel:lpanel:1.59:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:lpanel:lpanel:1.593:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:50Z"}