CVE-2005-1924 - Vulnerability Details - OpenCVE

The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Squirrelmail	Gpg Plugin

Configuration 1 [-]

cpe:2.3:a:squirrelmail:gpg_plugin:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331
http://osvdb.org/37923
http://osvdb.org/37924
http://secunia.com/advisories/26035
http://secunia.com/advisories/26424
http://security.gentoo.org/glsa/glsa-200708-08.xml
http://www.attrition.org/pipermail/vim/2007-July/001710.html
http://www.securityfocus.com/archive/1/473370/100/0/threaded
http://www.securityfocus.com/bid/24874
http://www.vupen.com/english/advisories/2007/2513
https://exchange.xforce.ibmcloud.com/vulnerabilities/35355
https://exchange.xforce.ibmcloud.com/vulnerabilities/35364
https://www.exploit-db.com/exploits/4173

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-15T22:00:00

Updated: 2024-08-07T22:06:57.675Z

Reserved: 2005-06-08T00:00:00

Link: CVE-2005-1924

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-12-31T05:00:00.000

Modified: 2024-11-20T23:58:25.783

Link: CVE-2005-1924

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-07-11T00:00:00", "descriptions": [{"lang": "en", "value": "The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "squirrelmail-gpgp-keyfunc-command-execution(35364)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35364"}, {"name": "26035", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26035"}, {"name": "26424", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26424"}, {"name": "37924", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37924"}, {"name": "24874", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24874"}, {"name": "20070711 SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331"}, {"name": "4173", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/4173"}, {"name": "squirrelmail-gpgp-keyring-command-execution(35355)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35355"}, {"name": "ADV-2007-2513", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2513"}, {"name": "37923", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/37923"}, {"name": "GLSA-200708-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200708-08.xml"}, {"name": "20070711 SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329"}, {"name": "20070711 True: SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln", "tags": ["mailing-list", "x_refsource_VIM"], "url": "http://www.attrition.org/pipermail/vim/2007-July/001710.html"}, {"name": "20070711 SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/473370/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1924", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "squirrelmail-gpgp-keyfunc-command-execution(35364)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35364"}, {"name": "26035", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26035"}, {"name": "26424", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26424"}, {"name": "37924", "refsource": "OSVDB", "url": "http://osvdb.org/37924"}, {"name": "24874", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24874"}, {"name": "20070711 SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331"}, {"name": "4173", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4173"}, {"name": "squirrelmail-gpgp-keyring-command-execution(35355)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35355"}, {"name": "ADV-2007-2513", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2513"}, {"name": "37923", "refsource": "OSVDB", "url": "http://osvdb.org/37923"}, {"name": "GLSA-200708-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200708-08.xml"}, {"name": "20070711 SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329"}, {"name": "20070711 True: SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln", "refsource": "VIM", "url": "http://www.attrition.org/pipermail/vim/2007-July/001710.html"}, {"name": "20070711 SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/473370/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:06:57.675Z"}, "title": "CVE Program Container", "references": [{"name": "squirrelmail-gpgp-keyfunc-command-execution(35364)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35364"}, {"name": "26035", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26035"}, {"name": "26424", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26424"}, {"name": "37924", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37924"}, {"name": "24874", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24874"}, {"name": "20070711 SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331"}, {"name": "4173", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/4173"}, {"name": "squirrelmail-gpgp-keyring-command-execution(35355)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35355"}, {"name": "ADV-2007-2513", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2513"}, {"name": "37923", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/37923"}, {"name": "GLSA-200708-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200708-08.xml"}, {"name": "20070711 SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329"}, {"name": "20070711 True: SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln", "tags": ["mailing-list", "x_refsource_VIM", "x_transferred"], "url": "http://www.attrition.org/pipermail/vim/2007-July/001710.html"}, {"name": "20070711 SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/473370/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1924", "datePublished": "2007-07-15T22:00:00", "dateReserved": "2005-06-08T00:00:00", "dateUpdated": "2024-08-07T22:06:57.675Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:squirrelmail:gpg_plugin:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE0468B4-8DC6-4247-B998-70A346A8EB85", "versionEndIncluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636."}], "id": "CVE-2005-1924", "lastModified": "2024-11-20T23:58:25.783", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329"}, {"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/37923"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/37924"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26035"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26424"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200708-08.xml"}, {"source": "cve@mitre.org", "url": "http://www.attrition.org/pipermail/vim/2007-July/001710.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/473370/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24874"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2513"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35355"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35364"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/4173"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37923"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/37924"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26035"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26424"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200708-08.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.attrition.org/pipermail/vim/2007-July/001710.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473370/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24874"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2513"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35355"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35364"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4173"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}