CVE-2007-1043

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-1043
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 Exploit Vendor Advisory
http://osvdb.org/34181
http://securityreason.com/securityalert/2275
http://www.securityfocus.com/archive/1/460325/100/0/threaded
http://www.securityfocus.com/bid/22590
https://exchange.xforce.ibmcloud.com/vulnerabilities/32563
http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 Exploit Vendor Advisory
http://osvdb.org/34181
http://securityreason.com/securityalert/2275
http://www.securityfocus.com/archive/1/460325/100/0/threaded
http://www.securityfocus.com/bid/22590
https://exchange.xforce.ibmcloud.com/vulnerabilities/32563
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
cpe:2.3:a:ezboo:webstats:3.0.3:*:*:*:*:*:*:*
History

21 Nov 2024, 00:27

Type Values Removed Values Added
References () http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 - Exploit, Vendor Advisory () http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 - Exploit, Vendor Advisory
References () http://osvdb.org/34181 - () http://osvdb.org/34181 -
References () http://securityreason.com/securityalert/2275 - () http://securityreason.com/securityalert/2275 -
References () http://www.securityfocus.com/archive/1/460325/100/0/threaded - () http://www.securityfocus.com/archive/1/460325/100/0/threaded -
References () http://www.securityfocus.com/bid/22590 - () http://www.securityfocus.com/bid/22590 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/32563 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/32563 -
Information

Published : 2007-02-21 17:28

Updated : 2024-11-21 00:27

NVD link : CVE-2007-1043

Mitre link : CVE-2007-1043

CVE.ORG link : CVE-2007-1043

JSON object : View

Products Affected

santa_cruz_operation

  • sco_unix

hp

  • tru64
  • hp-ux

microsoft

  • windows_98se
  • windows_2003_server
  • windows_me
  • windows_nt
  • windows_xp
  • windows_2000
  • windows_95
  • windows_98

ezboo

  • webstats

ibm

  • aix
  • os2

sun

  • solaris

linux

  • linux_kernel

apple

  • mac_os_x

windriver

  • bsdos
CWE
NVD-CWE-Other