CVE-2008-6957

member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/32731	Vendor Advisory
http://www.80vul.com/dzvul/sodb/14/dz-exp-sodb-2008-14_php.htm	Exploit
http://www.discuz.net/archiver/?tid-1112426.html	Vendor Advisory
http://www.securityfocus.com/bid/32424	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/46785
https://www.exploit-db.com/exploits/7185

Configurations

Configuration 1 (hide)

cpe:2.3:a:discuz:discuz\!:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-08-12 10:30

Updated : 2017-09-29 01:33

NVD link : CVE-2008-6957

Mitre link : CVE-2008-6957

CVE.ORG link : CVE-2008-6957

JSON object : View

Products Affected

discuz

discuz\!

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2008-6957", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-08-12T10:30:00.983", "references": [{"url": "http://secunia.com/advisories/32731", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.80vul.com/dzvul/sodb/14/dz-exp-sodb-2008-14_php.htm", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.discuz.net/archiver/?tid-1112426.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/32424", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46785", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/7185", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "member.php in Crossday Discuz! Board allows remote attackers to reset passwords of arbitrary users via crafted (1) lostpasswd and (2) getpasswd actions, possibly involving predictable generation of the id parameter."}, {"lang": "es", "value": "member.php en Crossday Discuz! Board permite a atacantes remotos restaurar las contrase\u00f1as de usuarios de su elecci\u00f3n a trav\u00e9s de las acciones (1) lostpasswd y (2) getpasswd. Posiblemente involucrando a la generaci\u00f3n predecible del par\u00e1metro \"id\"."}], "lastModified": "2017-09-29T01:33:27.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:discuz:discuz\\!:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51A5E1E5-8EFA-4D11-8883-2EB11B71E4D8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}