CVE-2008-2717

TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/
http://secunia.com/advisories/30619	Vendor Advisory
http://secunia.com/advisories/30660	Vendor Advisory
http://securityreason.com/securityalert/3945
http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/
http://www.debian.org/security/2008/dsa-1596
http://www.securityfocus.com/archive/1/493270/100/0/threaded
http://www.securityfocus.com/bid/29657
http://www.vupen.com/english/advisories/2008/1802
https://exchange.xforce.ibmcloud.com/vulnerabilities/42988

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:apache_webserver::::::::
	cpe:2.3:a:typo3:typo3:4.0:::::::*
	cpe:2.3:a:typo3:typo3:4.0.1:::::::*
	cpe:2.3:a:typo3:typo3:4.0.2:::::::*
	cpe:2.3:a:typo3:typo3:4.0.3:::::::*
	cpe:2.3:a:typo3:typo3:4.0.4:::::::*
	cpe:2.3:a:typo3:typo3:4.0.5:::::::*
	cpe:2.3:a:typo3:typo3:4.0.6:::::::*
	cpe:2.3:a:typo3:typo3:4.0.7:::::::*
	cpe:2.3:a:typo3:typo3:4.0.8:::::::*
	cpe:2.3:a:typo3:typo3:4.1:::::::*
	cpe:2.3:a:typo3:typo3:4.1.1:::::::*
	cpe:2.3:a:typo3:typo3:4.1.2:::::::*
	cpe:2.3:a:typo3:typo3:4.1.3:::::::*
	cpe:2.3:a:typo3:typo3:4.1.4:::::::*
	cpe:2.3:a:typo3:typo3:4.1.5:::::::*
	cpe:2.3:a:typo3:typo3:4.1.6:::::::*
	cpe:2.3:a:typo3:typo3:4.2:::::::*

History

No history.

Information

Published : 2008-06-16 22:41

Updated : 2023-12-10 10:51

NVD link : CVE-2008-2717

Mitre link : CVE-2008-2717

CVE.ORG link : CVE-2008-2717

JSON object : View

Products Affected

apache

apache_webserver

typo3

typo3

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2008-2717", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-06-16T22:41:00.000", "references": [{"url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30619", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30660", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3945", "source": "cve@mitre.org"}, {"url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2008/dsa-1596", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/29657", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1802", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."}, {"lang": "es", "value": "TYPO3 versiones 4.0.x anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.7, y versiones 4.2.x anteriores a 4.2.1, utiliza un fileDenyPattern predeterminado insuficientemente restrictivo para Apache, que permite a los atacantes remotos omitir las restricciones de seguridad y cargar archivos de configuraci\u00f3n como .htaccess, o conducir ataques de carga de archivos mediante varias extensiones."}], "lastModified": "2018-10-11T20:42:37.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:apache_webserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5DF97C8-A5E1-4091-A43D-B8F60E0313E4"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25EAE65C-1E17-48CD-B48C-E0BC09FB6596"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "501A9157-044A-4856-8092-418D7329EED3"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EA47174-9BC4-4B74-8618-6A7B0773553B"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A13146E-EC04-4354-9123-BC7CB292C66A"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F27B173-8D10-47F7-8450-F8808A918295"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D1FAD0A-6B98-476B-BCD2-361996CA1C36"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE992D57-AF82-4BF0-96E8-98110C0AEBF3"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A9A484F-C34D-4885-8125-D9C8725EEB4E"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCCB2DE6-4407-4E40-8574-9C813183565B"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2F271C6-B5A7-4B06-A3DF-4C7F74090CC8"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "161E310F-F2D8-40B3-8390-8C52ACDD0B72"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6B33D32-4D59-4768-A2C6-9DC7CD30F5E6"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4679B5DF-25FA-40E9-A322-DF1FF1BC7E7C"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96D69530-AE74-4012-B522-01D0B6B01662"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5514D17F-95A5-48C5-9F91-554F8D3C3DF7"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E46E35EC-FF7B-4510-A5F2-FC230B7477B4"}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "884B4418-83A4-4BCB-8019-306285EB418E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}