Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2004-0542 | First vendor Publication | 2004-08-06 |
| Vendor | Cve | Last vendor Modification | 2022-07-01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0542 |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
| CAPEC-6 | Argument Injection |
| CAPEC-15 | Command Delimiters |
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
| CAPEC-63 | Simple Script Injection |
| CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
| CAPEC-73 | User-Controlled Filename |
| CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
| CAPEC-86 | Embedding Script (XSS ) in HTTP Headers |
| CAPEC-163 | Spear Phishing |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 6737 | PHP escapeshellarg() Security Bypass PHP contains a flaw that may allow a malicious user to bypass security restriction. The issue is due to input validation error in the escapeshellarg() routine. The escapeshellarg() routine fails to filter the characters "%", allowing a remote attacker to access environment variables. The flaw will result in a loss of confidentiality and integrity. |
| 6710 | PHP escapeshellcmd() Security Bypass PHP contains a flaw that may allow a malicious user to bypass security restriction. The issue is due to an input validation error in the escapeshellcmd() routine. The escapeshellcmd() routine fails to filter the characters "%|>", allowing a remote attacker to access environment variables, redirect output and execute arbitrary commands. The flaw will result in a loss of confidentiality and integrity. |
Sources (Detail)
| Source | Url |
|---|---|
| CONFIRM | http://www.php.net/release_4_3_7.php |
| MISC | http://www.idefense.com/application/poi/display?id=108 |
| XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/16331 |
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 01:02:34 |
|
| 2024-02-01 12:01:31 |
|
| 2023-09-05 12:02:26 |
|
| 2023-09-05 01:01:23 |
|
| 2023-09-02 12:02:28 |
|
| 2023-09-02 01:01:23 |
|
| 2023-08-12 12:02:59 |
|
| 2023-08-12 01:01:23 |
|
| 2023-08-11 12:02:34 |
|
| 2023-08-11 01:01:25 |
|
| 2023-08-06 12:02:22 |
|
| 2023-08-06 01:01:24 |
|
| 2023-08-04 12:02:26 |
|
| 2023-08-04 01:01:24 |
|
| 2023-07-14 12:02:24 |
|
| 2023-07-14 01:01:25 |
|
| 2023-03-29 01:02:26 |
|
| 2023-03-28 12:01:29 |
|
| 2022-10-11 12:02:09 |
|
| 2022-10-11 01:01:17 |
|
| 2022-07-01 21:27:50 |
|
| 2021-05-04 12:02:20 |
|
| 2021-04-22 01:02:29 |
|
| 2020-05-23 00:15:48 |
|
| 2019-06-08 12:01:18 |
|
| 2017-07-11 12:01:27 |
|
| 2013-05-11 11:42:00 |
|
