CVE-2006-4023 - OpenCVE

Vendors	Products
Php	Php

Link	Resource
http://retrogod.altervista.org/php_ip2long.htm	Exploit
http://securitytracker.com/id?1016609	Exploit
http://www.securityfocus.com/archive/1/441529/100/100/threaded
http://www.securityfocus.com/archive/1/441708/100/100/threaded

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-29T00:00:00", "descriptions": [{"lang": "en", "value": "The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060729 Re: PHP ip2long() function circumvention", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}, {"name": "20060729 PHP ip2long() function circumvention", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"name": "1016609", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016609"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060729 Re: PHP ip2long() function circumvention", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}, {"name": "20060729 PHP ip2long() function circumvention", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"name": "http://retrogod.altervista.org/php_ip2long.htm", "refsource": "MISC", "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"name": "1016609", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016609"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4023", "datePublished": "2006-08-09T00:00:00", "dateReserved": "2006-08-08T00:00:00", "dateUpdated": "2018-10-17T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner."}, {"lang": "es", "value": "La funci\u00f3n ip2long en PHP 5.1.4 y anteriores puede validar incorrectamente una cadena de su elecci\u00f3n y devolver una direcci\u00f3n IP, la cual permite a atacantes remotos obtener informaci\u00f3n y facilitar otros ataques, como se demostr\u00f3 usando inyecci\u00f3n SQL en la cabecera X-FORWARDED-FOR en index.php en MiniBB 2.0. NOTA: podr\u00eda discutirse que el funcionamiento ip2long representa un riesgo para los asuntos de seguridad relevantes en la medida que es similar al papel de los strcpy en el desbordamiento de b\u00fafer, en cuyo caso esto podr\u00eda ser un tipo de bug de implementaci\u00f3n que requerir\u00eda separar los asuntos CVE para cada aplicaci\u00f3n PHP que utiliza ip2long en una manera se seguridad relevante."}], "id": "CVE-2006-4023", "lastModified": "2018-10-17T21:32:58.940", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-09T00:04:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://retrogod.altervista.org/php_ip2long.htm"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1016609"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/441529/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/441708/100/100/threaded"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

JSON object

JSON object

JSON object