Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1892

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2005-1892
Last Modified 07 Mar 2011 09:23:03
Published 09 Jun 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1892

Summary

FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message.

Vulnerable Systems

Application

  • Flatnuke 1.0

  • Flatnuke 1.5

  • Flatnuke 1.6

  • Flatnuke 1.7

  • Flatnuke 1.8

  • Flatnuke 2.0

  • Flatnuke 2.5.3


References

MISC - http://secwatch.org/advisories/secwatch/20050604_flatnuke.txt

VUPEN - ADV-2005-0697

SECTRACK - 1014114

SECUNIA - 15603

CONFIRM - http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256


Last Updated: 27 May 2016 10:40:20