CVE-2008-6877 - OpenCVE

Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Zen Cart	Zen Cart

Configuration 1 [-]

OR	cpe:2.3:a:zen_cart:zen_cart:1.3.8:::::::*
	cpe:2.3:a:zen_cart:zen_cart:1.3.8a:::::::*

References

Link	Resource
http://osvdb.org/46912
http://secunia.com/advisories/31039	Vendor Advisory
http://www.attrition.org/pipermail/vim/2008-July/002028.html	Exploit
http://www.securityfocus.com/bid/30179	Exploit
http://www.zen-cart.com/forum/showthread.php?t=102802	Exploit
https://www.exploit-db.com/exploits/6038

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-07-27T14:22:00

Updated: 2017-09-28T12:57:01

Reserved: 2009-07-27T00:00:00

Link: CVE-2008-6877

JSON object: View

NVD Information

Status : Modified

Published: 2009-07-27T14:30:00.343

Modified: 2024-05-17T00:41:44.853

Link: CVE-2008-6877

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating \"at worst, the use of this vulnerability will reveal some local file paths."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "31039", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31039"}, {"name": "20080711 Zen Cart 1.3.8 Multiple Local File Inclusion Vulnerabilities", "tags": ["mailing-list", "x_refsource_VIM"], "url": "http://www.attrition.org/pipermail/vim/2008-July/002028.html"}, {"name": "46912", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/46912"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zen-cart.com/forum/showthread.php?t=102802"}, {"name": "6038", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/6038"}, {"name": "30179", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30179"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-6877", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating \"at worst, the use of this vulnerability will reveal some local file paths.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "31039", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31039"}, {"name": "20080711 Zen Cart 1.3.8 Multiple Local File Inclusion Vulnerabilities", "refsource": "VIM", "url": "http://www.attrition.org/pipermail/vim/2008-July/002028.html"}, {"name": "46912", "refsource": "OSVDB", "url": "http://osvdb.org/46912"}, {"name": "http://www.zen-cart.com/forum/showthread.php?t=102802", "refsource": "MISC", "url": "http://www.zen-cart.com/forum/showthread.php?t=102802"}, {"name": "6038", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6038"}, {"name": "30179", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30179"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-6877", "datePublished": "2009-07-27T14:22:00", "dateReserved": "2009-07-27T00:00:00", "dateUpdated": "2017-09-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zen_cart:zen_cart:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "B860D940-F10D-473A-B146-E11C50F9C2C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:zen_cart:zen_cart:1.3.8a:*:*:*:*:*:*:*", "matchCriteriaId": "37D23070-9ED0-466B-BADF-11CD436232D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating \"at worst, the use of this vulnerability will reveal some local file paths."}, {"lang": "es", "value": "** DISPUTADA ** Vulnerabilidad de salto de directorio en admin/includes/initsystem.php en Zen Cart v1.3.8 y v1.3.8a, cuando .htaccess no esta soportado, lo que permite a atacantes remotos incluir y ejecutar ficheros locales de forma arbitraria a trav\u00e9s de .. (punto punto) en el par\u00e1metro \"loader_file\". NOTA: El vendedor no esta de acuerdo con este hecho, \"den el peor de los casos la explotaci\u00f3n de esta vulnerabilidad solo muestro algunos ficheros locales\"."}], "id": "CVE-2008-6877", "lastModified": "2024-05-17T00:41:44.853", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-07-27T14:30:00.343", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/46912"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31039"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.attrition.org/pipermail/vim/2008-July/002028.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/30179"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.zen-cart.com/forum/showthread.php?t=102802"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/6038"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}