planet-freo up to 20150116 admin/inc/auth.inc.php auth comparison
A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. The manipulation of the argument auth with an unknown input leads to a comparison vulnerability. Using CWE to declare the problem leads to CWE-697. The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses. Impacted is confidentiality.
The weakness was released 08/03/2015 as 6ad38c58a45642eb8c7844e2f272ef199f59550d. The advisory is shared for download at github.com. This vulnerability is handled as CVE-2015-10129. Technical details as well as a public exploit are known.
The exploit is available at github.com. It is declared as proof-of-concept. By approaching the search of inurl:admin/inc/auth.inc.php it is possible to find vulnerable targets with Google Hacking.
Applying the patch 6ad38c58a45642eb8c7844e2f272ef199f59550d is able to eliminate this problem. The bugfix is ready for download at github.com. A possible mitigation has been published immediately after the disclosure of the vulnerability. The advisory contains the following remark:
Password comparison should not be done with the `==` operator, but `===`, due to type juggling. References: * http://phpsadness.com/sad/47 * turbochaos.blogspot.fr/2013/08/exploiting-exotic-bugs-php-type-juggling. htm
Product
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 4.4VulDB Meta Temp Score: 4.3
VulDB Base Score: 3.7
VulDB Temp Score: 3.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 5.9
NVD Vector: 🔍
CNA Base Score: 3.7
CNA Vector (VulDB): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: ComparisonCWE: CWE-697
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: 6ad38c58a45642eb8c7844e2f272ef199f59550d
Timeline
08/03/2015 🔍08/03/2015 🔍
02/02/2024 🔍
02/02/2024 🔍
06/26/2024 🔍
Sources
Advisory: 6ad38c58a45642eb8c7844e2f272ef199f59550dStatus: Confirmed
CVE: CVE-2015-10129 (🔍)
GCVE (CVE): GCVE-0-2015-10129
GCVE (VulDB): GCVE-100-252716
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 02/02/2024 14:40Updated: 06/26/2024 21:55
Changes: 02/02/2024 14:40 (47), 02/25/2024 09:16 (2), 02/25/2024 09:18 (28), 06/26/2024 21:55 (22)
Complete: 🔍
Cache ID: 152:AC2:65
No comments yet. Languages: en.
Please log in to comment.