CVE-2005-3430

Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx, which are not filtered like the .asp extension.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html	Patch
http://marc.info/?l=bugtraq&m=113053680631151&w=2
http://secunia.com/advisories/17240/	Vendor Advisory
http://securitytracker.com/id?1015117
http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf	Patch Vendor Advisory
http://www.securityfocus.com/bid/15230
https://exchange.xforce.ibmcloud.com/vulnerabilities/22907

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rockliffe:mailsite_express::::::::
	cpe:2.3:a:rockliffe:mailsite_express:6.1.20:::::::*

History

No history.

Information

Published : 2005-11-02 11:02

Updated : 2024-02-04 16:52

NVD link : CVE-2005-3430

Mitre link : CVE-2005-3430

CVE.ORG link : CVE-2005-3430

JSON object : View

Products Affected

rockliffe

mailsite_express

CWE

NVD-CWE-Other

{"id": "CVE-2005-3430", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-11-02T11:02:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=113053680631151&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17240/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015117", "source": "cve@mitre.org"}, {"url": "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15230", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22907", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx, which are not filtered like the .asp extension."}], "lastModified": "2017-07-11T01:33:11.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockliffe:mailsite_express:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF85F655-3BC7-4804-8E00-FAD19B9E6620", "versionEndIncluding": "6.1.21"}, {"criteria": "cpe:2.3:a:rockliffe:mailsite_express:6.1.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A63D4D75-76B2-4566-B91E-3FB1AD1BACEA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}