Search criteria
12 vulnerabilities found for cgiwrap by nathan_neulinger
FKIE_CVE-2008-2852
Vulnerability from fkie_nvd - Published: 2008-06-25 12:36 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nathan_neulinger | cgiwrap | 3.5 | |
| nathan_neulinger | cgiwrap | 3.6 | |
| nathan_neulinger | cgiwrap | 3.6.1 | |
| nathan_neulinger | cgiwrap | 3.6.2 | |
| nathan_neulinger | cgiwrap | 3.6.3 | |
| nathan_neulinger | cgiwrap | 3.6.4 | |
| nathan_neulinger | cgiwrap | 3.6.10 | |
| nathan_neulinger | cgiwrap | 3.7 | |
| nathan_neulinger | cgiwrap | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D350D018-07DF-41BD-8358-B7FEE42D04D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "19D94994-FDE9-47FF-A247-0AF138828C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD73F47-CCA9-4E21-B631-CFB532D7816A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6E64BEE1-0F96-41A2-8AD7-4889EFABF098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "00F89A6C-FA37-4BCA-B67D-C0CADC7470DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "894D89D7-966C-4709-BE5C-21C0CEC31D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A860C7A8-D4BE-43D8-9BD0-039C5CE494BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2CD755-9727-4762-ADE2-74B67DEFB52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFCFA04-FE7C-4DB0-911A-2CD7B61C2625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en CGIWrap anterior a la 4.1, cuando se usa un navegador basado en Internet Explorer, permite a atacantes remotos ejecutar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados relacionados con un fallo a la hora de establecer el conjunto de caracteres en los mensajes de error."
}
],
"id": "CVE-2008-2852",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-06-25T12:36:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30765"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29811"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-0767
Vulnerability from fkie_nvd - Published: 2006-02-18 21:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nathan_neulinger | cgiwrap | 3.0 | |
| nathan_neulinger | cgiwrap | 3.1 | |
| nathan_neulinger | cgiwrap | 3.2 | |
| nathan_neulinger | cgiwrap | 3.3 | |
| nathan_neulinger | cgiwrap | 3.4 | |
| nathan_neulinger | cgiwrap | 3.5 | |
| nathan_neulinger | cgiwrap | 3.5_beta | |
| nathan_neulinger | cgiwrap | 3.6 | |
| nathan_neulinger | cgiwrap | 3.6.1 | |
| nathan_neulinger | cgiwrap | 3.6.2 | |
| nathan_neulinger | cgiwrap | 3.6.3 | |
| nathan_neulinger | cgiwrap | 3.6.4 | |
| nathan_neulinger | cgiwrap | 3.6_beta1 | |
| nathan_neulinger | cgiwrap | 3.6_beta2 | |
| nathan_neulinger | cgiwrap | 3.6_beta3 | |
| nathan_neulinger | cgiwrap | 3.6_beta4 | |
| nathan_neulinger | cgiwrap | 3.6_beta5 | |
| nathan_neulinger | cgiwrap | 3.6_beta6 | |
| nathan_neulinger | cgiwrap | 3.6_beta7 | |
| nathan_neulinger | cgiwrap | 3.6_beta8 | |
| nathan_neulinger | cgiwrap | 3.7 | |
| nathan_neulinger | cgiwrap | 3.8 | |
| nathan_neulinger | cgiwrap | 3.8_rc1 | |
| nathan_neulinger | cgiwrap | 3.9 | |
| nathan_neulinger | cgiwrap | 3.11 | |
| nathan_neulinger | cgiwrap | 3.21 | |
| nathan_neulinger | cgiwrap | 3.22 | |
| nathan_neulinger | cgiwrap | 3.23 | |
| nathan_neulinger | cgiwrap | 3.24 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "182BE2C1-8BEE-4FE8-AC66-E0F7F0F5019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B424E2DD-692D-4F55-A545-14E4DDA07C30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4145B829-6BC5-47C6-BB4B-53FBD326E9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9417D4E5-F7F1-43B5-B684-58BB850B1F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95FD2FBC-062C-40A4-8778-BC69E0B6B3A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D350D018-07DF-41BD-8358-B7FEE42D04D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "7C91DB31-0D2B-4CEC-BFB6-D1F0DEE1D62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "19D94994-FDE9-47FF-A247-0AF138828C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD73F47-CCA9-4E21-B631-CFB532D7816A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6E64BEE1-0F96-41A2-8AD7-4889EFABF098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "00F89A6C-FA37-4BCA-B67D-C0CADC7470DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "894D89D7-966C-4709-BE5C-21C0CEC31D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "1203AABC-E9C8-4830-9DB3-9F20775301C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "10EF80AD-72D1-4C79-979D-D0B4E68D299A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA43E34-4D31-4363-B1C5-6360FA11DDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C9891A-265B-430B-9052-8F1E1F4234EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D138B9-3C9C-49C8-8B5A-607C031F7CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33C0DC-D0C7-49DB-90B7-CC20C607196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta7:*:*:*:*:*:*:*",
"matchCriteriaId": "3B95C44A-ED6F-4095-80BB-25D6B504E23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6_beta8:*:*:*:*:*:*:*",
"matchCriteriaId": "AD384A56-FF4C-4069-8513-9E9A0FEFFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2CD755-9727-4762-ADE2-74B67DEFB52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "31F2599F-0AEA-491F-81CF-946A6256066C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.8_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B34C43D-4920-4957-AD52-3B9C29EE9541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CED27E48-05F5-44F3-BD09-60454F7DD616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0C349294-8B79-4795-BE79-F35AAEE6C6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "4B2B6924-490A-48B2-94BD-7F0607D64592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D29FE762-87E2-4A8A-A415-1E3E9607E769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "F174DE2D-98FA-4458-8181-D715732AA4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3D4340-7143-49A3-8569-575A155252C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information."
}
],
"id": "CVE-2006-0767",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-18T21:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18797"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16669"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3254
Vulnerability from fkie_nvd - Published: 2005-10-18 21:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nathan_neulinger | cgiwrap | 1.0 | |
| nathan_neulinger | cgiwrap | 2.0 | |
| nathan_neulinger | cgiwrap | 2.1 | |
| nathan_neulinger | cgiwrap | 2.2 | |
| nathan_neulinger | cgiwrap | 2.3 | |
| nathan_neulinger | cgiwrap | 2.4 | |
| nathan_neulinger | cgiwrap | 2.5 | |
| nathan_neulinger | cgiwrap | 2.6 | |
| nathan_neulinger | cgiwrap | 2.7 | |
| nathan_neulinger | cgiwrap | 3.0 | |
| nathan_neulinger | cgiwrap | 3.1 | |
| nathan_neulinger | cgiwrap | 3.2 | |
| nathan_neulinger | cgiwrap | 3.3 | |
| nathan_neulinger | cgiwrap | 3.4 | |
| nathan_neulinger | cgiwrap | 3.5 | |
| nathan_neulinger | cgiwrap | 3.6 | |
| nathan_neulinger | cgiwrap | 3.6.1 | |
| nathan_neulinger | cgiwrap | 3.6.2 | |
| nathan_neulinger | cgiwrap | 3.6.3 | |
| nathan_neulinger | cgiwrap | 3.6.4 | |
| nathan_neulinger | cgiwrap | 3.6.5 | |
| nathan_neulinger | cgiwrap | 3.7 | |
| nathan_neulinger | cgiwrap | 3.7.1 | |
| nathan_neulinger | cgiwrap | 3.8 | |
| nathan_neulinger | cgiwrap | 3.11 | |
| nathan_neulinger | cgiwrap | 3.21 | |
| nathan_neulinger | cgiwrap | 3.22 | |
| nathan_neulinger | cgiwrap | 3.23 | |
| nathan_neulinger | cgiwrap | 3.24 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:1.0:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "210D4507-0674-4CE8-B5E5-2968EBBD812A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.0:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "2C7E6FC7-B662-4EAD-BB70-4D0B71FC227B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.1:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "41C1A717-D4C5-4B13-B854-4876390FFE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.2:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "066CB342-3253-474E-BB68-3087DC25D4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.3:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "A4E0DCAA-DD68-4F96-8FB5-93B50DEBCBAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.4:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "65B98F5D-BFCB-4D40-90E2-ADCB3DD01C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.5:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "34C675A3-DC2A-4B42-AC92-B360C5D9B24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.6:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "F4DC500E-517C-4835-AC40-44982E465AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.7:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "B3CD3A7F-825D-41DF-92FF-A60A33AC8B4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.0:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "EAF0C607-C08F-4D04-8ACE-2796AB369DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.1:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "92229934-F6EF-469D-ADE1-7901BBD2252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.2:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "90D1310E-824E-4C2A-AAE7-D0C9D27DA8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.3:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "DF999CEA-56D2-464D-A6E0-A1972C2D0317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.4:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "149D3D64-6B9B-4AC9-95F8-592BF2BE0349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.5:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "FD972D61-0392-4EB3-9469-ACBBCF2637C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "90A7D13C-F694-4D4B-9B58-9DE68317C136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.1:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "5EDF950B-043C-485F-A08E-DCF81EC931FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.2:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "384E9435-030F-43BC-9455-301F574CF663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.3:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "1198FF43-4566-41B9-9297-D58323A64369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.4:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "BFF334A9-3D51-4922-BCE1-D26F65899D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.5:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "467E03EB-EB96-466E-A960-072BCACFEF70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "CF5DDD4C-B253-47EA-A7CC-2B4674903CDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7.1:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "59515C6D-1B84-4D2C-9C9B-C2DC0DC8DAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.8:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "7C272EA2-B65C-4F16-BACF-B7717319EC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.11:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "CF865B2C-9643-4690-BF2F-57F21522AD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.21:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "F41C0839-B0B7-4BC7-A44B-F08A1649EB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.22:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "6831B987-BF5B-4555-825A-AF56C4EEC182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.23:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "1CF0C54A-7D2E-45B2-97DD-F486D62F2E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.24:*:debian_gnu_linux:*:*:*:*:*",
"matchCriteriaId": "05CFE913-3AA0-4B73-9A37-B449E6A4162D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."
}
],
"id": "CVE-2005-3254",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-10-18T21:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2001-0987
Vulnerability from fkie_nvd - Published: 2001-07-22 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nathan_neulinger | cgiwrap | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D77B405-5FD8-4886-B9DD-5841DCCEDA86",
"versionEndIncluding": "3.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap."
}
],
"id": "CVE-2001-0987",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1909"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3084"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-2852 (GCVE-0-2008-2852)
Vulnerability from cvelistv5 – Published: 2008-06-25 10:00 – Updated: 2024-08-07 09:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:14:14.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29811",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "JVN#45389864",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"name": "30765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30765"
},
{
"name": "cgiwrap-error-messages-xss(43176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29811",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "JVN#45389864",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"name": "30765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30765"
},
{
"name": "cgiwrap-error-messages-xss(43176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29811"
},
{
"name": "http://cgiwrap.sourceforge.net/changes.html",
"refsource": "CONFIRM",
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "JVN#45389864",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"name": "30765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30765"
},
{
"name": "cgiwrap-error-messages-xss(43176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2852",
"datePublished": "2008-06-25T10:00:00",
"dateReserved": "2008-06-24T00:00:00",
"dateUpdated": "2024-08-07T09:14:14.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0767 (GCVE-0-2006-0767)
Vulnerability from cvelistv5 – Published: 2006-02-18 21:00 – Updated: 2024-08-07 16:48
VLAI?
Summary
CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:55.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16669"
},
{
"name": "18797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18797"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"name": "ADV-2006-0601",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"name": "cgiwrap-error-information-disclosure(24717)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16669"
},
{
"name": "18797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18797"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"name": "ADV-2006-0601",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"name": "cgiwrap-error-information-disclosure(24717)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16669",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16669"
},
{
"name": "18797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18797"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"name": "ADV-2006-0601",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"name": "http://sourceforge.net/project/showfiles.php?group_id=8209",
"refsource": "MISC",
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"name": "cgiwrap-error-information-disclosure(24717)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0767",
"datePublished": "2006-02-18T21:00:00",
"dateReserved": "2006-02-18T00:00:00",
"dateUpdated": "2024-08-07T16:48:55.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3254 (GCVE-0-2005-3254)
Vulnerability from cvelistv5 – Published: 2005-10-18 04:00 – Updated: 2024-09-17 02:20
VLAI?
Summary
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-10-18T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3254",
"datePublished": "2005-10-18T04:00:00Z",
"dateReserved": "2005-10-18T00:00:00Z",
"dateUpdated": "2024-09-17T02:20:34.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0987 (GCVE-0-2001-0987)
Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:37
VLAI?
Summary
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:07.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "20010722 Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"name": "1909",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1909"
},
{
"name": "cgiwrap-cross-site-scripting(6886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"name": "3084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3084"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "20010722 Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"name": "1909",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1909"
},
{
"name": "cgiwrap-cross-site-scripting(6886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"name": "3084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3084"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cgiwrap.sourceforge.net/changes.html",
"refsource": "CONFIRM",
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "20010722 Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"name": "1909",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1909"
},
{
"name": "cgiwrap-cross-site-scripting(6886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"name": "3084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3084"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0987",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:07.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2852 (GCVE-0-2008-2852)
Vulnerability from nvd – Published: 2008-06-25 10:00 – Updated: 2024-08-07 09:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:14:14.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29811",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "JVN#45389864",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"name": "30765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30765"
},
{
"name": "cgiwrap-error-messages-xss(43176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29811",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "JVN#45389864",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"name": "30765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30765"
},
{
"name": "cgiwrap-error-messages-xss(43176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29811"
},
{
"name": "http://cgiwrap.sourceforge.net/changes.html",
"refsource": "CONFIRM",
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "JVN#45389864",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN45389864/index.html"
},
{
"name": "30765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30765"
},
{
"name": "cgiwrap-error-messages-xss(43176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43176"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=8209\u0026release_id=607349"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2852",
"datePublished": "2008-06-25T10:00:00",
"dateReserved": "2008-06-24T00:00:00",
"dateUpdated": "2024-08-07T09:14:14.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0767 (GCVE-0-2006-0767)
Vulnerability from nvd – Published: 2006-02-18 21:00 – Updated: 2024-08-07 16:48
VLAI?
Summary
CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:55.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16669"
},
{
"name": "18797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18797"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"name": "ADV-2006-0601",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"name": "cgiwrap-error-information-disclosure(24717)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16669"
},
{
"name": "18797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18797"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"name": "ADV-2006-0601",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"name": "cgiwrap-error-information-disclosure(24717)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16669",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16669"
},
{
"name": "18797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18797"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=393274\u0026group_id=8209"
},
{
"name": "ADV-2006-0601",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0601"
},
{
"name": "http://sourceforge.net/project/showfiles.php?group_id=8209",
"refsource": "MISC",
"url": "http://sourceforge.net/project/showfiles.php?group_id=8209"
},
{
"name": "cgiwrap-error-information-disclosure(24717)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24717"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0767",
"datePublished": "2006-02-18T21:00:00",
"dateReserved": "2006-02-18T00:00:00",
"dateUpdated": "2024-08-07T16:48:55.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3254 (GCVE-0-2005-3254)
Vulnerability from nvd – Published: 2005-10-18 04:00 – Updated: 2024-09-17 02:20
VLAI?
Summary
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-10-18T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3254",
"datePublished": "2005-10-18T04:00:00Z",
"dateReserved": "2005-10-18T00:00:00Z",
"dateUpdated": "2024-09-17T02:20:34.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0987 (GCVE-0-2001-0987)
Vulnerability from nvd – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:37
VLAI?
Summary
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:07.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "20010722 Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"name": "1909",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1909"
},
{
"name": "cgiwrap-cross-site-scripting(6886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"name": "3084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3084"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "20010722 Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"name": "1909",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1909"
},
{
"name": "cgiwrap-cross-site-scripting(6886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"name": "3084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3084"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cgiwrap.sourceforge.net/changes.html",
"refsource": "CONFIRM",
"url": "http://cgiwrap.sourceforge.net/changes.html"
},
{
"name": "20010722 Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0499.html"
},
{
"name": "1909",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1909"
},
{
"name": "cgiwrap-cross-site-scripting(6886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6886"
},
{
"name": "3084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3084"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0987",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:07.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}