CVE-2016-1499
published 2016-01-08CVE-2016-1499: ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory…
PriorityP342high8.5CVSS 3.0
AVNACLPRLUINSCCLINAH
EPSS
3.47%
87.6th percentile
ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| owncloud | owncloud | <= 8.0.9 | — |
| owncloud | owncloud | — | — |
| owncloud | owncloud | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
| owncloud | owncloud_server | — | — |
CVSS provenance
nvdv3.08.5HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:S/C:P/I:N/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-1499 owncloud: information disclosure via directory listings
bugzilla·2016-01-07·CVSS 8.5
CVE-2016-1499 [HIGH] CVE-2016-1499 owncloud: information disclosure via directory listings
CVE-2016-1499 owncloud: information disclosure via directory listings
It was found that ownCloud is vulnerable to information exposure through directory listing. It is possible with a normal user to get information about the complete directory structure and included files of all users. The 'force' parameter in the script (index.php/apps/files/ajax/scan.php) can easily be manipulated, by setting its value to 'true'. This vulnerability can potentially be used for denial-of-service attacks if the selected directory is deep enough, because to index many directories requires high computational effort. In addition, sensitive information from other users is exposed.
Reproducer can be found here:
http://seclists.org/bugtraq/2016/Jan/15
Discussion:
Created owncloud tracking bugs for this issue
Bugzilla
CVE-2016-1499 owncloud: owncloud [fedora-all]
bugzilla·2016-01-07·CVSS 8.5
CVE-2016-1499 [HIGH] CVE-2016-1499 owncloud: owncloud [fedora-all]
CVE-2016-1499 owncloud: owncloud [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking
Bugzilla
CVE-2016-1499 owncloud: owncloud [epel-all]
bugzilla·2016-01-07·CVSS 8.5
CVE-2016-1499 [HIGH] CVE-2016-1499 owncloud: owncloud [epel-all]
CVE-2016-1499 owncloud: owncloud [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora EPEL. While
only one t
http://packetstormsecurity.com/files/135158/ownCloud-8.2.1-8.1.4-8.0.9-Information-Exposure.htmlhttp://www.securityfocus.com/archive/1/537244/100/0/threadedhttp://www.securityfocus.com/archive/1/537556/100/0/threadedhttps://owncloud.org/security/advisory/?id=oc-sa-2016-002https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txthttp://packetstormsecurity.com/files/135158/ownCloud-8.2.1-8.1.4-8.0.9-Information-Exposure.htmlhttp://www.securityfocus.com/archive/1/537244/100/0/threadedhttp://www.securityfocus.com/archive/1/537556/100/0/threadedhttps://owncloud.org/security/advisory/?id=oc-sa-2016-002https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt
2016-01-08
Published