Vulnerabilities > CVE-2004-0613 - Remote Command Execution vulnerability in Osticket STS 1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | osTicket STS 1.2 Attachment Remote Command Execution Vulnerability. CVE-2004-0613. Webapps exploit for php platform |
| id | EDB-ID:24225 |
| last seen | 2016-02-02 |
| modified | 2004-06-21 |
| published | 2004-06-21 |
| reporter | Guy Pearce |
| source | https://www.exploit-db.com/download/24225/ |
| title | osTicket STS 1.2 Attachment Remote Command Execution Vulnerability |
Nessus
NASL family CGI abuses NASL id OSTICKET_ATTACHMENT_CODE_EXECUTION.NASL description The target is running at least one instance of osTicket that enables a remote user to open a new ticket with an attachment containing arbitrary PHP code and then to run that code using the permissions of the web server user. last seen 2020-06-01 modified 2020-06-02 plugin id 13645 published 2004-07-14 reporter This script is Copyright (C) 2004-2018 George A. Theall source https://www.tenable.com/plugins/nessus/13645 title osTicket Attachment Handling File Upload Arbitrary Code Execution NASL family CGI abuses NASL id OSTICKET_VIEW_ATTACHMENTS.NASL description The target is running at least one instance of osTicket that enables a remote user to view attachments associated with any existing ticket. These attachments may contain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 13648 published 2004-07-14 reporter This script is Copyright (C) 2004-2018 George A. Theall source https://www.tenable.com/plugins/nessus/13648 title osTicket Arbitrary Attachment Disclosure