Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2154

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2154
Last Modified 05 Sep 2008 04:51:01
Published 06 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2154

Summary

PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.

Vulnerable Systems

Application

  • Osticket Sts 1.2

  • Osticket Sts 1.2.7

  • Osticket Sts 1.3 Beta


References

BID - 14127

SECTRACK - 1014373

BUGTRAQ - 20050701 [SECURITY ALERT] osTicket bugs


Last Updated: 27 May 2016 10:40:25