CVE-2006-6629

lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) Language before 2.3.1 uses an insufficiently restrictive regular expression to determine valid macro filenames, which allows attackers to load arbitrary macro files whose names contain the strings (1) dangerousMacros.pl, (2) PG.pl, or (3) IO.pl.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://devel.webwork.rochester.edu/twiki/bin/view/Webwork/PGLanguageRelease2pt3pt1	Patch
http://www.securityfocus.com/bid/21614	Patch
http://www.vupen.com/english/advisories/2006/5026

Configurations

Configuration 1 (hide)

cpe:2.3:a:webwork:program_generation_language:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-18 11:28

Updated : 2024-02-04 17:13

NVD link : CVE-2006-6629

Mitre link : CVE-2006-6629

CVE.ORG link : CVE-2006-6629

JSON object : View

Products Affected

webwork

program_generation_language

CWE

NVD-CWE-Other

{"id": "CVE-2006-6629", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-12-18T11:28:00.000", "references": [{"url": "http://devel.webwork.rochester.edu/twiki/bin/view/Webwork/PGLanguageRelease2pt3pt1", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/21614", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/5026", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) Language before 2.3.1 uses an insufficiently restrictive regular expression to determine valid macro filenames, which allows attackers to load arbitrary macro files whose names contain the strings (1) dangerousMacros.pl, (2) PG.pl, or (3) IO.pl."}, {"lang": "es", "value": "lib/WeBWorK/PG/Translator.pm del WeBWorK Program Generation (PG) Language anterior al 2.3.1 utiliza expresiones regulares insuficientemente restrictivas para determinar macros de nombres de fichero v\u00e1lidos, lo cual permite a atacantes cargar macros de ficheros de su elecci\u00f3n que contengan nombres en las cadenas (1) dangerousMacros.pl, (2) PG.pl o(3) IO.pl."}], "lastModified": "2011-03-08T02:46:34.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:webwork:program_generation_language:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1228AED-12F8-4EB2-8768-9E5D56249FA9", "versionEndIncluding": "2.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nWeBWorK, Program Generation Language, 2.3.1"}