CVE-2005-1932
CVSS2.1
发布时间 :2005-07-05 00:00:00
修订时间 :2008-09-05 16:50:27
NMCO    

[原文]Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php.


[CNNVD]LPanel多个输入验证漏洞(CNNVD-200507-040)

        Lpanel 1.59和更早版本,以及1.597之前的其他版本,可让远程认证的用户修改某些重要变量,并(1)通过diagnose.php的domain参数修改任意域的DNS设置,(2)通过view_ticket.php的close、open或pid参数关闭、打开或响应任意支持的凭证,(3)通过viewreceipt.php的inv参数获取关于任意发票的敏感信息,或(4)通过domains.php的editdomain参数修改任意域的域信息。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:lpanel:lpanel:1.596
cpe:/a:lpanel:lpanel:1.593
cpe:/a:lpanel:lpanel:1.594
cpe:/a:lpanel:lpanel:1.59

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1932
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1932
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200507-040
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/13869
(PATCH)  BID  13869
http://www.lpanel.net/changelog.php
(UNKNOWN)  CONFIRM  http://www.lpanel.net/changelog.php
http://secunia.com/advisories/15589/
(VENDOR_ADVISORY)  SECUNIA  15589
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034419.html
(UNKNOWN)  FULLDISC  20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to reset the DNS information of any domain name managed by the system.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034418.html
(VENDOR_ADVISORY)  FULLDISC  20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to respond to any support ticket on the system.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034417.html
(VENDOR_ADVISORY)  FULLDISC  20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to the unauthorized viewing of client invoice information.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034416.html
(VENDOR_ADVISORY)  FULLDISC  20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to unauthorized domain management access.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034415.html
(VENDOR_ADVISORY)  FULLDISC  20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to open any support ticket within the system.
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034414.html
(VENDOR_ADVISORY)  FULLDISC  20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to close any support ticket within the system.

- 漏洞信息

LPanel多个输入验证漏洞
低危 输入验证
2005-07-05 00:00:00 2005-10-20 00:00:00
远程  
        Lpanel 1.59和更早版本,以及1.597之前的其他版本,可让远程认证的用户修改某些重要变量,并(1)通过diagnose.php的domain参数修改任意域的DNS设置,(2)通过view_ticket.php的close、open或pid参数关闭、打开或响应任意支持的凭证,(3)通过viewreceipt.php的inv参数获取关于任意发票的敏感信息,或(4)通过domains.php的editdomain参数修改任意域的域信息。

- 公告与补丁

        供应商已在LPanel的1.597版本中解决了此问题:
        LPanel LPanel 1.59
        LPanel LPanel 1.597
        http://lpanel.net/members.php
        
        LPanel LPanel 1.593
        LPanel LPanel 1.597
        http://lpanel.net/members.php
        
        LPanel LPanel 1.594
        LPanel LPanel 1.597
        http://lpanel.net/members.php
        
        LPanel LPanel 1.596
        LPanel LPanel 1.597
        http://lpanel.net/members.php

- 漏洞信息

17133
Lpanel view_ticket.php Arbitrary Ticket Manipulation
Remote / Network Access
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-06-06 Unknow
2005-06-06 Unknow

- 解决方案

Upgrade to version 1.597 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站