CVE-2005-1203 - Cross-Site Scripting and SQL Injection vulnerability in eGroupWare

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Tags: network, low complexity, egroupware, nessus, exploit available

Summary

Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter.

Exploit-Db

  • description: eGroupWare 1.0 tts/index.php filter Parameter SQL Injection. CVE-2005-1203. Webapps exploit for php platform
    id: EDB-ID:25436
    last seen: 2016-02-03
    modified: 2005-04-18
    published: 2005-04-18
    reporter: GulfTech Security
    source: https://www.exploit-db.com/download/25436/
    title: eGroupWare 1.0 tts/index.php filter Parameter SQL Injection
  • description: eGroupWare 1.0 index.php cats_app Parameter SQL Injection. CVE-2005-1203. Webapps exploit for php platform
    id: EDB-ID:25437
    last seen: 2016-02-03
    modified: 2005-04-18
    published: 2005-04-18
    reporter: GulfTech Security
    source: https://www.exploit-db.com/download/25437/
    title: eGroupWare 1.0 index.php cats_app Parameter SQL Injection

Nessus

  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200504-24.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200504-24 (eGroupWare: XSS and SQL injection vulnerabilities). Multiple SQL injection and cross-site scripting vulnerabilities have been found in several eGroupWare modules. Impact: An attacker could possibly use the SQL injection vulnerabilities to gain information from the database. Furthermore the cross-site scripting issues give an attacker the ability to inject and execute malicious script code or to steal cookie based authentication credentials, potentially compromising the victim's browser.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18127
    published: 2005-04-25
    reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/18127
    title: GLSA-200504-24 : eGroupWare: XSS and SQL injection vulnerabilities
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200504-24.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(18127);
      script_version("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:42");
    
      script_cve_id("CVE-2005-1202", "CVE-2005-1203");
      script_xref(name:"GLSA", value:"200504-24");
    
      script_name(english:"GLSA-200504-24 : eGroupWare: XSS and SQL injection vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200504-24
    (eGroupWare: XSS and SQL injection vulnerabilities)
    
        Multiple SQL injection and cross-site scripting vulnerabilities have
        been found in several eGroupWare modules.
      
    Impact :
    
        An attacker could possibly use the SQL injection vulnerabilities to gain
        information from the database. Furthermore the cross-site scripting
        issues give an attacker the ability to inject and execute malicious
        script code or to steal cookie based authentication credentials,
        potentially compromising the victim's browser.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      # http://www.gulftech.org/?node=research&article_id=00069-04202005
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?dc828659"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200504-24"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All eGroupWare users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=www-apps/egroupware-1.0.0.007'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:egroupware");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/04/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"www-apps/egroupware", unaffected:make_list("ge 1.0.0.007"), vulnerable:make_list("lt 1.0.0.007"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "eGroupWare");
    }
    
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_B4892B5BFB1C11D996BA00909925DB3E.NASL
    description: Multiple cross-site scripting (XSS) vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter to index.php or (5) category_id parameter. Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 19355
    published: 2005-08-01
    reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/19355
    title: FreeBSD : egroupware -- multiple XSS (XSS) and SQL injection vulnerabilities (b4892b5b-fb1c-11d9-96ba-00909925db3e)
  • NASL family: CGI abuses
    NASL id: EGROUPWARE_UNKNOWN_VULN.NASL
    description: The remote host is running eGroupWare, a web-based groupware solution. It is reported that versions 1.0.0.006 and older are prone to multiple SQL injection and cross-site scripting flaws.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 15719
    published: 2004-11-13
    reporter: This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/15719
    title: EGroupWare Multiple Vulnerabilities (SQLi, ID)