CVE-2005-0269
Last modified
CVE-2005-0269 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.. EPSS estimates a 2.64% chance of exploitation in the next 30 days.
Description
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sir | Gnuboard | <= 3.40 |
References
- http://marc.info/?l=bugtraq&m=110477648219738&w=2Exploit, Mailing List
- http://secunia.com/advisories/13711Broken Link
- http://www.securityfocus.com/bid/12149Broken Link, Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18729Third Party Advisory, VDB Entry
- http://marc.info/?l=bugtraq&m=110477648219738&w=2Exploit, Mailing List
- http://secunia.com/advisories/13711Broken Link
- http://www.securityfocus.com/bid/12149Broken Link, Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18729Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-0269?
How severe is CVE-2005-0269?
How do I fix CVE-2005-0269?
Are you affected by CVE-2005-0269?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST