CVE-2008-0194 - Vulnerability Details - OpenCVE

Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
http://secunia.com/advisories/29014
http://securityreason.com/securityalert/3539
http://securityvulns.ru/Sdocument755.html
http://websecurity.com.ua/1676/
http://www.debian.org/security/2008/dsa-1502
http://www.securityfocus.com/archive/1/485786/100/0/threaded
http://www.securityfocus.com/bid/27123

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-01-10T00:00:00

Updated: 2024-08-07T07:39:35.074Z

Reserved: 2008-01-09T00:00:00

Link: CVE-2008-0194

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-01-10T00:46:00.000

Modified: 2024-11-21T00:41:22.320

Link: CVE-2008-0194

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-01-03T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-1502", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1502"}, {"name": "20080103 securityvulns.com russian vulnerabilities digest", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html"}, {"tags": ["x_refsource_MISC"], "url": "http://websecurity.com.ua/1676/"}, {"name": "27123", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27123"}, {"name": "20080103 securityvulns.com russian vulnerabilities digest", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485786/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://securityvulns.ru/Sdocument755.html"}, {"name": "3539", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3539"}, {"name": "29014", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29014"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0194", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-1502", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1502"}, {"name": "20080103 securityvulns.com russian vulnerabilities digest", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html"}, {"name": "http://websecurity.com.ua/1676/", "refsource": "MISC", "url": "http://websecurity.com.ua/1676/"}, {"name": "27123", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27123"}, {"name": "20080103 securityvulns.com russian vulnerabilities digest", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485786/100/0/threaded"}, {"name": "http://securityvulns.ru/Sdocument755.html", "refsource": "MISC", "url": "http://securityvulns.ru/Sdocument755.html"}, {"name": "3539", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3539"}, {"name": "29014", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29014"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T07:39:35.074Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-1502", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1502"}, {"name": "20080103 securityvulns.com russian vulnerabilities digest", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://websecurity.com.ua/1676/"}, {"name": "27123", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27123"}, {"name": "20080103 securityvulns.com russian vulnerabilities digest", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/485786/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://securityvulns.ru/Sdocument755.html"}, {"name": "3539", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3539"}, {"name": "29014", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29014"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0194", "datePublished": "2008-01-10T00:00:00", "dateReserved": "2008-01-09T00:00:00", "dateUpdated": "2024-08-07T07:39:35.074Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "84AC31B4-9402-479C-92A8-6023F56D5564", "versionEndIncluding": "2.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en wp-db-backup.php de WordPress 2.0.3 y anteriores permite a atacantes remotos leer y borrar archivos de su elecci\u00f3n, y provocar una denegaci\u00f3n de servicio mediante un .. (punto punto) en el par\u00e1metro backup en una acci\u00f3n wp-db-backup.php de wp-admin/edit.php. NOTA: esta podr\u00eda ser la misma que CVE-2006-5705.1."}], "id": "CVE-2008-0194", "lastModified": "2024-11-21T00:41:22.320", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-01-10T00:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29014"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3539"}, {"source": "cve@mitre.org", "url": "http://securityvulns.ru/Sdocument755.html"}, {"source": "cve@mitre.org", "url": "http://websecurity.com.ua/1676/"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1502"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485786/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/27123"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29014"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3539"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityvulns.ru/Sdocument755.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://websecurity.com.ua/1676/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1502"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485786/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27123"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}