CVE-2008-2717 - OpenCVE

TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Apache Webserver
Typo3	Typo3

Configuration 1 [-]

OR	cpe:2.3:a:apache:apache_webserver::::::::
	cpe:2.3:a:typo3:typo3:4.0:::::::*
	cpe:2.3:a:typo3:typo3:4.0.1:::::::*
	cpe:2.3:a:typo3:typo3:4.0.2:::::::*
	cpe:2.3:a:typo3:typo3:4.0.3:::::::*
	cpe:2.3:a:typo3:typo3:4.0.4:::::::*
	cpe:2.3:a:typo3:typo3:4.0.5:::::::*
	cpe:2.3:a:typo3:typo3:4.0.6:::::::*
	cpe:2.3:a:typo3:typo3:4.0.7:::::::*
	cpe:2.3:a:typo3:typo3:4.0.8:::::::*
	cpe:2.3:a:typo3:typo3:4.1:::::::*
	cpe:2.3:a:typo3:typo3:4.1.1:::::::*
	cpe:2.3:a:typo3:typo3:4.1.2:::::::*
	cpe:2.3:a:typo3:typo3:4.1.3:::::::*
	cpe:2.3:a:typo3:typo3:4.1.4:::::::*
	cpe:2.3:a:typo3:typo3:4.1.5:::::::*
	cpe:2.3:a:typo3:typo3:4.1.6:::::::*
	cpe:2.3:a:typo3:typo3:4.2:::::::*

References

Link	Resource
http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/
http://secunia.com/advisories/30619	Vendor Advisory
http://secunia.com/advisories/30660	Vendor Advisory
http://securityreason.com/securityalert/3945
http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/
http://www.debian.org/security/2008/dsa-1596
http://www.securityfocus.com/archive/1/493270/100/0/threaded
http://www.securityfocus.com/bid/29657
http://www.vupen.com/english/advisories/2008/1802
https://exchange.xforce.ibmcloud.com/vulnerabilities/42988

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-06-16T22:00:00

Updated: 2018-10-11T19:57:01

Reserved: 2008-06-16T00:00:00

Link: CVE-2008-2717

JSON object: View

NVD Information

Status : Modified

Published: 2008-06-16T22:41:00.000

Modified: 2018-10-11T20:42:37.587

Link: CVE-2008-2717

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-11T00:00:00", "descriptions": [{"lang": "en", "value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "29657", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29657"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/"}, {"name": "30619", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30619"}, {"name": "20080611 TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded"}, {"name": "typo3-filename-file-upload(42988)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988"}, {"name": "DSA-1596", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1596"}, {"name": "ADV-2008-1802", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1802"}, {"name": "30660", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30660"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/"}, {"name": "3945", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3945"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2717", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "29657", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29657"}, {"name": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/", "refsource": "CONFIRM", "url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/"}, {"name": "30619", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30619"}, {"name": "20080611 TYPO3 Security Bulletin TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded"}, {"name": "typo3-filename-file-upload(42988)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988"}, {"name": "DSA-1596", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1596"}, {"name": "ADV-2008-1802", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1802"}, {"name": "30660", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30660"}, {"name": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/", "refsource": "CONFIRM", "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/"}, {"name": "3945", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3945"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2717", "datePublished": "2008-06-16T22:00:00", "dateReserved": "2008-06-16T00:00:00", "dateUpdated": "2018-10-11T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:apache_webserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5DF97C8-A5E1-4091-A43D-B8F60E0313E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "25EAE65C-1E17-48CD-B48C-E0BC09FB6596", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "501A9157-044A-4856-8092-418D7329EED3", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4EA47174-9BC4-4B74-8618-6A7B0773553B", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5A13146E-EC04-4354-9123-BC7CB292C66A", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "8F27B173-8D10-47F7-8450-F8808A918295", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "0D1FAD0A-6B98-476B-BCD2-361996CA1C36", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "AE992D57-AF82-4BF0-96E8-98110C0AEBF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "7A9A484F-C34D-4885-8125-D9C8725EEB4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCCB2DE6-4407-4E40-8574-9C813183565B", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2F271C6-B5A7-4B06-A3DF-4C7F74090CC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "161E310F-F2D8-40B3-8390-8C52ACDD0B72", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6B33D32-4D59-4768-A2C6-9DC7CD30F5E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4679B5DF-25FA-40E9-A322-DF1FF1BC7E7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "96D69530-AE74-4012-B522-01D0B6B01662", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "5514D17F-95A5-48C5-9F91-554F8D3C3DF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E46E35EC-FF7B-4510-A5F2-FC230B7477B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "884B4418-83A4-4BCB-8019-306285EB418E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions."}, {"lang": "es", "value": "TYPO3 versiones 4.0.x anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.7, y versiones 4.2.x anteriores a 4.2.1, utiliza un fileDenyPattern predeterminado insuficientemente restrictivo para Apache, que permite a los atacantes remotos omitir las restricciones de seguridad y cargar archivos de configuraci\u00f3n como .htaccess, o conducir ataques de carga de archivos mediante varias extensiones."}], "id": "CVE-2008-2717", "lastModified": "2018-10-11T20:42:37.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-06-16T22:41:00.000", "references": [{"source": "cve@mitre.org", "url": "http://buzz.typo3.org/teams/security/article/advice-on-core-security-issue-regarding-filedenypattern/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30619"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30660"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3945"}, {"source": "cve@mitre.org", "url": "http://typo3.org/teams/security/security-bulletins/typo3-20080611-1/"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1596"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/493270/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29657"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1802"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42988"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}