Executive Summary

Informations
NameCVE-2001-1246First vendor Publication2001-06-30
VendorCveLast vendor Modification2008-09-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides user account access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1246

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-6Argument Injection
CAPEC-15Command Delimiters
CAPEC-41Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-43Exploiting Multiple Input Interpretation Layers
CAPEC-88OS Command Injection
CAPEC-108Command Line Execution through SQL Injection
CAPEC-133Try All Common Application Switches and Options

CWE : Common Weakness Enumeration

%idName

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Open Source Vulnerability Database (OSVDB)

idDescription
579PHP Safe Mode mail() Function 5th Parameter Arbitrary Command Execution

Nessus® Vulnerability Scanner

DateDescription
2004-07-31Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2002-059.nasl - Type : ACT_GATHER_INFO
2004-07-06Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2002-129.nasl - Type : ACT_GATHER_INFO
2001-07-02Name : Arbitrary commands may be run on the remote server.
File : php_safe_mode.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/2954
BUGTRAQ http://online.securityfocus.com/archive/1/194425
CONFIRM http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gz
REDHAT http://www.redhat.com/support/errata/RHSA-2002-102.html
http://www.redhat.com/support/errata/RHSA-2002-129.html
http://www.redhat.com/support/errata/RHSA-2003-159.html
XF http://www.iss.net/security_center/static/6787.php

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:24:12
  • Multiple Updates
2013-05-11 12:06:40
  • Multiple Updates