CVE-2008-3226 - OpenCVE

The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Joomla	Joomla

Configuration 1 [-]

OR	cpe:2.3:a:joomla:joomla::::::::
	cpe:2.3:a:joomla:joomla:1.0:::::::*
	cpe:2.3:a:joomla:joomla:1.0.0:::::::*
	cpe:2.3:a:joomla:joomla:1.0.1:::::::*
	cpe:2.3:a:joomla:joomla:1.0.2:::::::*
	cpe:2.3:a:joomla:joomla:1.0.3:::::::*
	cpe:2.3:a:joomla:joomla:1.0.4:::::::*
	cpe:2.3:a:joomla:joomla:1.0.5:::::::*
	cpe:2.3:a:joomla:joomla:1.0.6:::::::*
	cpe:2.3:a:joomla:joomla:1.0.7:::::::*
	cpe:2.3:a:joomla:joomla:1.0.8:::::::*
	cpe:2.3:a:joomla:joomla:1.0.9:::::::*
	cpe:2.3:a:joomla:joomla:1.0.10:::::::*
	cpe:2.3:a:joomla:joomla:1.0.11:::::::*
	cpe:2.3:a:joomla:joomla:1.0.12:::::::*
	cpe:2.3:a:joomla:joomla:1.0.13:::::::*
	cpe:2.3:a:joomla:joomla:1.03:::::::*
	cpe:2.3:a:joomla:joomla:1.5:::::::*
	cpe:2.3:a:joomla:joomla:1.5.0_beta:::::::*
	cpe:2.3:a:joomla:joomla:1.5.0_beta1:::::::*
	cpe:2.3:a:joomla:joomla:1.5.0_beta2:::::::*
	cpe:2.3:a:joomla:joomla:1.5.0_rc1:::::::*
	cpe:2.3:a:joomla:joomla:1.5.1:::::::*
	cpe:2.3:a:joomla:joomla:1.5.2:::::::*

References

Link	Resource
http://www.joomla.org/content/view/5180/1/
http://www.openwall.com/lists/oss-security/2008/07/12/2
http://www.securityfocus.com/bid/30125
https://exchange.xforce.ibmcloud.com/vulnerabilities/43650

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-07-18T16:00:00

Updated: 2017-08-07T12:57:01

Reserved: 2008-07-18T00:00:00

Link: CVE-2008-3226

JSON object: View

NVD Information

Status : Modified

Published: 2008-07-18T16:41:00.000

Modified: 2017-08-08T01:31:41.527

Link: CVE-2008-3226

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-12T00:00:00", "descriptions": [{"lang": "en", "value": "The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20080712 CVE requests: joomla <1.5.4", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2008/07/12/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.joomla.org/content/view/5180/1/"}, {"name": "30125", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30125"}, {"name": "joomla-filecaching-unauth-access(43650)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43650"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3226", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20080712 CVE requests: joomla <1.5.4", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2008/07/12/2"}, {"name": "http://www.joomla.org/content/view/5180/1/", "refsource": "CONFIRM", "url": "http://www.joomla.org/content/view/5180/1/"}, {"name": "30125", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30125"}, {"name": "joomla-filecaching-unauth-access(43650)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43650"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3226", "datePublished": "2008-07-18T16:00:00", "dateReserved": "2008-07-18T00:00:00", "dateUpdated": "2017-08-07T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*", "matchCriteriaId": "46425F76-D765-4432-85F2-49B80BD87097", "versionEndIncluding": "1.5.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9709F901-EDD2-4369-89F0-8AF3A63655E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC268591-FDFD-42A2-887F-4F1639CAB73C", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2E8E5942-AB17-45E8-B3D3-4DDD1DFA48D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "89946AA1-0694-44A5-962E-ED36B4BFCE9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6024ABB5-0CB7-4874-8758-CC6FBF3073D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "A41E39D9-ADD7-41A1-9E38-BD418B59E5E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "05C21464-3FD4-4528-A512-7C0DE70E331C", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "663EE640-2BE7-42FC-B848-7379C6DADA60", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "DAA2374C-E9D8-40E4-A4E5-E4F95E04E226", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A0B64E85-CA80-46A6-9E62-B1F28CBED5CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "D4007FCB-589A-413D-8009-64404926CA7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "F6B0B037-5E62-4069-AF35-F05A777E05D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "314E12E1-107E-4AB3-8092-9F6C2C5FA11B", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "65860314-7B34-46B4-BA29-1A8EA715BF00", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "A235591C-1860-4877-8B61-7390EE359E12", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9C4B0-5B4B-4103-AA4E-419E08C22306", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "2017D307-89B3-4D94-A266-C7D8D45960A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "16F243A8-5513-4BB7-AB55-5A715D5AE546", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5.0_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "F95550B4-3620-42D8-99AC-369126CDDFAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5.0_beta2:*:*:*:*:*:*:*", "matchCriteriaId": "BC0429EF-3848-4E72-999E-719DB54A7429", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "F12537ED-A4EB-40F9-AC00-B796169E114D", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CCDBF4D-A797-4828-A084-8C775FA94BDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "BB1B7CF2-B717-4F37-A923-0E188FF3C47F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors."}, {"lang": "es", "value": "La implementaci\u00f3n del cach\u00e9 de archivos en versiones de Joomla! anteriores a la 1.5.4 permite a los atacantes el acceso a p\u00e1ginas cacheadas a trav\u00e9s de vectores de ataque desconocidos."}], "id": "CVE-2008-3226", "lastModified": "2017-08-08T01:31:41.527", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-07-18T16:41:00.000", "references": [{"source": "cve@mitre.org", "url": "http://www.joomla.org/content/view/5180/1/"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2008/07/12/2"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/30125"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43650"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}