Find a vulnerability
Search criteria
10 vulnerabilities by firefly
VAR-200601-0258
Vulnerability from variot - Updated: 2025-04-03 22:41SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792. PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. PHPNuke EV version 7.7 is vulnerable; earlier versions may also be affected.
For more information: SA17543
The vulnerability has been confirmed in version 7.7-R1.
SOLUTION: Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY: Originally reported in PHP-Nuke by sp3x.
Reported in PHPNuke EV by Lostmon.
ORIGINAL ADVISORY: http://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html
OTHER REFERENCES: SA17543: http://secunia.com/advisories/17543/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200601-0258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "php-nuke ev",
"scope": "eq",
"trust": 1.6,
"vendor": "francisco burzi",
"version": "7.7_r1"
},
{
"model": "php-nuke",
"scope": "eq",
"trust": 0.3,
"vendor": "php nuke",
"version": "7.7"
},
{
"model": "studios stronghold",
"scope": "eq",
"trust": 0.3,
"vendor": "firefly",
"version": "27.7"
}
],
"sources": [
{
"db": "BID",
"id": "16186"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lostmon is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "16186"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
}
],
"trust": 0.9
},
"cve": "CVE-2006-0163",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2006-0163",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-16271",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-0163",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200601-108",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-16271",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16271"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the search module (modules/Search/index.php) of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792. PHPNuke EV is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. \nA successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. \nPHPNuke EV version 7.7 is vulnerable; earlier versions may also be affected. \n\nFor more information:\nSA17543\n\nThe vulnerability has been confirmed in version 7.7-R1. \n\nSOLUTION:\nEdit the source code to ensure that input is properly sanitised. \n\nPROVIDED AND/OR DISCOVERED BY:\nOriginally reported in PHP-Nuke by sp3x. \n\nReported in PHPNuke EV by Lostmon. \n\nORIGINAL ADVISORY:\nhttp://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html\n\nOTHER REFERENCES:\nSA17543:\nhttp://secunia.com/advisories/17543/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0163"
},
{
"db": "BID",
"id": "16186"
},
{
"db": "VULHUB",
"id": "VHN-16271"
},
{
"db": "PACKETSTORM",
"id": "42959"
}
],
"trust": 1.35
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-16271",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16271"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "16186",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2006-0163",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "18394",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "22316",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-0120",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108",
"trust": 0.7
},
{
"db": "XF",
"id": "44978",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "27058",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-80678",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-16271",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42959",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16271"
},
{
"db": "BID",
"id": "16186"
},
{
"db": "PACKETSTORM",
"id": "42959"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"id": "VAR-200601-0258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16271"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:41:47.355000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://lostmon.blogspot.com/2006/01/phpnuke-ev-77-search-module-query.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16186"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/22316"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18394"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0120"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44978"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/44978"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0120"
},
{
"trust": 0.3,
"url": "http://nukevolution.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18394/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6767/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17543/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16271"
},
{
"db": "BID",
"id": "16186"
},
{
"db": "PACKETSTORM",
"id": "42959"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-16271"
},
{
"db": "BID",
"id": "16186"
},
{
"db": "PACKETSTORM",
"id": "42959"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-11T00:00:00",
"db": "VULHUB",
"id": "VHN-16271"
},
{
"date": "2006-01-09T00:00:00",
"db": "BID",
"id": "16186"
},
{
"date": "2006-01-11T05:48:09",
"db": "PACKETSTORM",
"id": "42959"
},
{
"date": "2006-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"date": "2006-01-11T21:03:00",
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-16271"
},
{
"date": "2007-02-14T23:47:00",
"db": "BID",
"id": "16186"
},
{
"date": "2006-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200601-108"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-0163"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PHPNuke EV Search Module SQL Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "16186"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sql injection",
"sources": [
{
"db": "PACKETSTORM",
"id": "42959"
},
{
"db": "CNNVD",
"id": "CNNVD-200601-108"
}
],
"trust": 0.7
}
}
VAR-200712-0450
Vulnerability from variot - Updated: 2022-05-17 01:58Firefly is an open source media server used by Roku SoundBridge and iTunes. There are multiple security vulnerabilities such as information disclosure and denial of service in Firefly: ------------------------------------ -----A] Directory traversal on Windows platform -------------------------------------- --- If you use 3 periods in the HTTP request, you can get the specific file in the parent directory of Firefly's management root folder, that is, the attacker can download all the configuration files of the server or firefly.log and other files. Mt-daapd.conf file. This vulnerability can only be exploited on Windows servers. -----------------------------------B] Windows platform bypasses certification -------- --------------------------- If the server is password protected, an unauthenticated remote attacker can have a \"/\" position before the URI. Use the period (\".\"), backslash (\"\\"), or blank (GET file.txt HTTP/1.0) to download the files in the management root folder. This vulnerability can only be exploited on Windows servers. ----------------------------------------------C] Copy HTTP Parameter Denial Service --------------------------------------------- Send Two or more HTTP parameters with the same name (such as two Host or User-Agent) can cause the server to terminate. -----------------------------------D] Partial query results in 100% CPU usage ----- ------------------------------ The remote attacker connects to the server and sends the first line of the request (GET/HTTP/1.0) This can cause the server's CPU to reach 100% until it is disconnected from the server. Firefly Media Server is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to handle specially crafted HTTP GET requests. Attackers can exploit these issues to access potentially sensitive information, crash the server, or consume excessive resources. Successful exploits could aid in further attacks or deny service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200712-0450",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "media server firefly media server",
"scope": "eq",
"trust": 0.3,
"vendor": "firefly",
"version": "0.2.41"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"db": "BID",
"id": "26770"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma is credited with the discovery of these issues.",
"sources": [
{
"db": "BID",
"id": "26770"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2007-6919",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2007-6919",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Firefly is an open source media server used by Roku SoundBridge and iTunes. There are multiple security vulnerabilities such as information disclosure and denial of service in Firefly: ------------------------------------ -----A] Directory traversal on Windows platform -------------------------------------- --- If you use 3 periods in the HTTP request, you can get the specific file in the parent directory of Firefly\u0027s management root folder, that is, the attacker can download all the configuration files of the server or firefly.log and other files. Mt-daapd.conf file. This vulnerability can only be exploited on Windows servers. -----------------------------------B] Windows platform bypasses certification -------- --------------------------- If the server is password protected, an unauthenticated remote attacker can have a \\\"/\\\" position before the URI. Use the period (\\\".\\\"), backslash (\\\"\\\\\\\"), or blank (GET file.txt HTTP/1.0) to download the files in the management root folder. This vulnerability can only be exploited on Windows servers. ----------------------------------------------C] Copy HTTP Parameter Denial Service --------------------------------------------- Send Two or more HTTP parameters with the same name (such as two Host or User-Agent) can cause the server to terminate. -----------------------------------D] Partial query results in 100% CPU usage ----- ------------------------------ The remote attacker connects to the server and sends the first line of the request (GET/HTTP/1.0) This can cause the server\u0027s CPU to reach 100% until it is disconnected from the server. Firefly Media Server is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to handle specially crafted HTTP GET requests. \nAttackers can exploit these issues to access potentially sensitive information, crash the server, or consume excessive resources. Successful exploits could aid in further attacks or deny service to legitimate users",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"db": "BID",
"id": "26770"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "26770",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2007-6919",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201503-514",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"db": "BID",
"id": "26770"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
]
},
"id": "VAR-200712-0450",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
}
]
},
"last_update_date": "2022-05-17T01:58:12.639000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://marc.info/?l=bugtraq\u0026m=119706669307492\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/26770"
},
{
"trust": 0.3,
"url": "http://www.fireflymediaserver.org/index.php"
},
{
"trust": 0.3,
"url": "/archive/1/484763"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"db": "BID",
"id": "26770"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"db": "BID",
"id": "26770"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"date": "2007-12-07T00:00:00",
"db": "BID",
"id": "26770"
},
{
"date": "2007-12-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2007-6919"
},
{
"date": "2015-03-19T08:52:00",
"db": "BID",
"id": "26770"
},
{
"date": "2015-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-514"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Firefly Multiple Information Disclosure and Denial of Service Vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2007-6919"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "26770"
}
],
"trust": 0.3
}
}
CVE-2007-5824 (GCVE-0-2007-5824)
Vulnerability from nvd – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.debian.org/security/2008/dsa-1597 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/archive/1/483211/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/26309 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/483215/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/28269 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/4600 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/483210/100… | mailing-listx_refsource_BUGTRAQ |
| http://sourceforge.net/project/shownotes.php?grou… | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=200110 | x_refsource_MISC |
| http://secunia.com/advisories/30661 | third-party-advisoryx_refsource_SECUNIA |
| http://www.gentoo.org/security/en/glsa/glsa-20071… | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "firefly-decodepassword-dos(38242)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
},
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "20071102 [UPH-07-02] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
},
{
"name": "26309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26309"
},
{
"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
},
{
"name": "firefly-getheaders-dos(38241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "4600",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4600"
},
{
"name": "20071102 [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "firefly-decodepassword-dos(38242)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
},
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "20071102 [UPH-07-02] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
},
{
"name": "26309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26309"
},
{
"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
},
{
"name": "firefly-getheaders-dos(38241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "4600",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4600"
},
{
"name": "20071102 [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "firefly-decodepassword-dos(38242)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
},
{
"name": "DSA-1597",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "20071102 [UPH-07-02] Firefly Media Server DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
},
{
"name": "26309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26309"
},
{
"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
},
{
"name": "firefly-getheaders-dos(38241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
},
{
"name": "28269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28269"
},
{
"name": "4600",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4600"
},
{
"name": "20071102 [UPH-07-01] Firefly Media Server DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5824",
"datePublished": "2007-11-05T19:00:00.000Z",
"dateReserved": "2007-11-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:47:00.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5825 (GCVE-0-2007-5825)
Vulnerability from nvd – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47- n/a
| URL | Tags |
|---|---|
| http://www.debian.org/security/2008/dsa-1597 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/26310 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/483209/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/483214/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/28269 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://sourceforge.net/project/shownotes.php?grou… | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=200110 | x_refsource_MISC |
| http://secunia.com/advisories/30661 | third-party-advisoryx_refsource_SECUNIA |
| http://www.gentoo.org/security/en/glsa/glsa-20071… | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "26310",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26310"
},
{
"name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
},
{
"name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "firefly-addarg-format-string(38243)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "26310",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26310"
},
{
"name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
},
{
"name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "firefly-addarg-format-string(38243)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1597",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "26310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26310"
},
{
"name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
},
{
"name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
},
{
"name": "28269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28269"
},
{
"name": "firefly-addarg-format-string(38243)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5825",
"datePublished": "2007-11-05T19:00:00.000Z",
"dateReserved": "2007-11-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:47:00.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2460 (GCVE-0-2007-2460)
Vulnerability from nvd – Published: 2007-05-02 18:00 – Updated: 2024-08-07 13:42- n/a
| URL | Tags |
|---|---|
| http://www.attrition.org/pipermail/vim/2007-May/0… | mailing-listx_refsource_VIM |
| http://www.vupen.com/english/advisories/2007/1554 | vdb-entryx_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:32.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2460",
"datePublished": "2007-05-02T18:00:00.000Z",
"dateReserved": "2007-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:42:32.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2456 (GCVE-0-2007-2456)
Vulnerability from nvd – Published: 2007-05-02 17:00 – Updated: 2024-08-07 13:42- n/a
| URL | Tags |
|---|---|
| http://www.attrition.org/pipermail/vim/2007-May/0… | mailing-listx_refsource_VIM |
| http://www.vupen.com/english/advisories/2007/1554 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/23683 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/3805 | exploitx_refsource_EXPLOIT-DB |
| http://osvdb.org/35702 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/35701 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
},
{
"name": "23683",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23683"
},
{
"name": "3805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3805"
},
{
"name": "35702",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35702"
},
{
"name": "35701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35701"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
},
{
"name": "23683",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23683"
},
{
"name": "3805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3805"
},
{
"name": "35702",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35702"
},
{
"name": "35701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35701"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1554"
},
{
"name": "23683",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23683"
},
{
"name": "3805",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3805"
},
{
"name": "35702",
"refsource": "OSVDB",
"url": "http://osvdb.org/35702"
},
{
"name": "35701",
"refsource": "OSVDB",
"url": "http://osvdb.org/35701"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2456",
"datePublished": "2007-05-02T17:00:00.000Z",
"dateReserved": "2007-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:42:33.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5824 (GCVE-0-2007-5824)
Vulnerability from cvelistv5 – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47- n/a
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.debian.org/security/2008/dsa-1597 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/archive/1/483211/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/26309 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/483215/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/28269 | third-party-advisoryx_refsource_SECUNIA |
| https://www.exploit-db.com/exploits/4600 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/483210/100… | mailing-listx_refsource_BUGTRAQ |
| http://sourceforge.net/project/shownotes.php?grou… | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=200110 | x_refsource_MISC |
| http://secunia.com/advisories/30661 | third-party-advisoryx_refsource_SECUNIA |
| http://www.gentoo.org/security/en/glsa/glsa-20071… | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "firefly-decodepassword-dos(38242)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
},
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "20071102 [UPH-07-02] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
},
{
"name": "26309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26309"
},
{
"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
},
{
"name": "firefly-getheaders-dos(38241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "4600",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4600"
},
{
"name": "20071102 [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "firefly-decodepassword-dos(38242)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
},
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "20071102 [UPH-07-02] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
},
{
"name": "26309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26309"
},
{
"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
},
{
"name": "firefly-getheaders-dos(38241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "4600",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4600"
},
{
"name": "20071102 [UPH-07-01] Firefly Media Server DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a \u0027:\u0027 character, which triggers a crash in the ws_getheaders function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "firefly-decodepassword-dos(38242)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242"
},
{
"name": "DSA-1597",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "20071102 [UPH-07-02] Firefly Media Server DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded"
},
{
"name": "26309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26309"
},
{
"name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded"
},
{
"name": "firefly-getheaders-dos(38241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241"
},
{
"name": "28269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28269"
},
{
"name": "4600",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4600"
},
{
"name": "20071102 [UPH-07-01] Firefly Media Server DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5824",
"datePublished": "2007-11-05T19:00:00.000Z",
"dateReserved": "2007-11-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:47:00.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5825 (GCVE-0-2007-5825)
Vulnerability from cvelistv5 – Published: 2007-11-05 19:00 – Updated: 2024-08-07 15:47- n/a
| URL | Tags |
|---|---|
| http://www.debian.org/security/2008/dsa-1597 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/26310 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/483209/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/483214/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/28269 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://sourceforge.net/project/shownotes.php?grou… | x_refsource_CONFIRM |
| http://bugs.gentoo.org/show_bug.cgi?id=200110 | x_refsource_MISC |
| http://secunia.com/advisories/30661 | third-party-advisoryx_refsource_SECUNIA |
| http://www.gentoo.org/security/en/glsa/glsa-20071… | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "26310",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26310"
},
{
"name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
},
{
"name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "firefly-addarg-format-string(38243)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "26310",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26310"
},
{
"name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
},
{
"name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
},
{
"name": "28269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28269"
},
{
"name": "firefly-addarg-format-string(38243)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the \"Authorization: Basic\" HTTP header line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1597",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1597"
},
{
"name": "26310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26310"
},
{
"name": "20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483209/100/0/threaded"
},
{
"name": "20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483214/100/0/threaded"
},
{
"name": "28269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28269"
},
{
"name": "firefly-addarg-format-string(38243)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38243"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=98211\u0026release_id=548679"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200110",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200110"
},
{
"name": "30661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30661"
},
{
"name": "GLSA-200712-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5825",
"datePublished": "2007-11-05T19:00:00.000Z",
"dateReserved": "2007-11-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:47:00.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2460 (GCVE-0-2007-2460)
Vulnerability from cvelistv5 – Published: 2007-05-02 18:00 – Updated: 2024-08-07 13:42- n/a
| URL | Tags |
|---|---|
| http://www.attrition.org/pipermail/vim/2007-May/0… | mailing-listx_refsource_VIM |
| http://www.vupen.com/english/advisories/2007/1554 | vdb-entryx_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:32.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in modules/admin/include/config.php in FireFly 1.1.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2460",
"datePublished": "2007-05-02T18:00:00.000Z",
"dateReserved": "2007-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:42:32.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2456 (GCVE-0-2007-2456)
Vulnerability from cvelistv5 – Published: 2007-05-02 17:00 – Updated: 2024-08-07 13:42- n/a
| URL | Tags |
|---|---|
| http://www.attrition.org/pipermail/vim/2007-May/0… | mailing-listx_refsource_VIM |
| http://www.vupen.com/english/advisories/2007/1554 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/23683 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/3805 | exploitx_refsource_EXPLOIT-DB |
| http://osvdb.org/35702 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/35701 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
},
{
"name": "23683",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23683"
},
{
"name": "3805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3805"
},
{
"name": "35702",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35702"
},
{
"name": "35701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35701"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1554"
},
{
"name": "23683",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23683"
},
{
"name": "3805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3805"
},
{
"name": "35702",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35702"
},
{
"name": "35701",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35701"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070502 true: firefly RFI, both doc_root and DOCUMENT_ROOT",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-May/001573.html"
},
{
"name": "ADV-2007-1554",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1554"
},
{
"name": "23683",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23683"
},
{
"name": "3805",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3805"
},
{
"name": "35702",
"refsource": "OSVDB",
"url": "http://osvdb.org/35702"
},
{
"name": "35701",
"refsource": "OSVDB",
"url": "http://osvdb.org/35701"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2456",
"datePublished": "2007-05-02T17:00:00.000Z",
"dateReserved": "2007-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-07T13:42:33.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}