CVE-2007-4338 - OpenCVE

index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Haudenschilt	Family Connections Cms

Configuration 1 [-]

OR	cpe:2.3:a:haudenschilt:family_connections_cms::::::::
	cpe:2.3:a:haudenschilt:family_connections_cms:0.1.1:::::::*
	cpe:2.3:a:haudenschilt:family_connections_cms:0.1.2:::::::*
	cpe:2.3:a:haudenschilt:family_connections_cms:0.5:::::::*
	cpe:2.3:a:haudenschilt:family_connections_cms:0.6:::::::*

No data.

References

Link	Providers
http://osvdb.org/39534
http://secunia.com/advisories/26421
http://securityreason.com/securityalert/3009
http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513
http://www.attrition.org/pipermail/vim/2007-August/001762.html
http://www.attrition.org/pipermail/vim/2007-August/001768.html
http://www.securityfocus.com/archive/1/476142/100/0/threaded
http://www.securityfocus.com/archive/1/476293/100/0/threaded
http://www.securityfocus.com/bid/25276
https://exchange.xforce.ibmcloud.com/vulnerabilities/35966

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-14T18:00:00

Updated: 2024-08-07T14:53:55.373Z

Reserved: 2007-08-14T00:00:00

Link: CVE-2007-4338

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-08-14T18:17:00.000

Modified: 2018-10-15T21:34:41.103

Link: CVE-2007-4338

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-11T00:00:00", "descriptions": [{"lang": "en", "value": "index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3009", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3009"}, {"name": "20070813 Re: FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/476293/100/0/threaded"}, {"name": "20070811 FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/476142/100/0/threaded"}, {"name": "25276", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25276"}, {"name": "26421", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26421"}, {"name": "family-fcmsloginid-security-bypass(35966)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35966"}, {"name": "20070814 uncertain: FCMS (Family Connections) code execution", "tags": ["mailing-list", "x_refsource_VIM"], "url": "http://www.attrition.org/pipermail/vim/2007-August/001762.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513"}, {"name": "39534", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/39534"}, {"name": "20070823 vendor ACK for CVE-2007-4338 (Familr Connections)", "tags": ["mailing-list", "x_refsource_VIM"], "url": "http://www.attrition.org/pipermail/vim/2007-August/001768.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4338", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3009", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3009"}, {"name": "20070813 Re: FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/476293/100/0/threaded"}, {"name": "20070811 FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/476142/100/0/threaded"}, {"name": "25276", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25276"}, {"name": "26421", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26421"}, {"name": "family-fcmsloginid-security-bypass(35966)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35966"}, {"name": "20070814 uncertain: FCMS (Family Connections) code execution", "refsource": "VIM", "url": "http://www.attrition.org/pipermail/vim/2007-August/001762.html"}, {"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513"}, {"name": "39534", "refsource": "OSVDB", "url": "http://osvdb.org/39534"}, {"name": "20070823 vendor ACK for CVE-2007-4338 (Familr Connections)", "refsource": "VIM", "url": "http://www.attrition.org/pipermail/vim/2007-August/001768.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:53:55.373Z"}, "title": "CVE Program Container", "references": [{"name": "3009", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3009"}, {"name": "20070813 Re: FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/476293/100/0/threaded"}, {"name": "20070811 FCMS (Family Connections) <= 0.1.1 Remote Command Execution Exploit // www.MefistoLabs.com", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/476142/100/0/threaded"}, {"name": "25276", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25276"}, {"name": "26421", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26421"}, {"name": "family-fcmsloginid-security-bypass(35966)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35966"}, {"name": "20070814 uncertain: FCMS (Family Connections) code execution", "tags": ["mailing-list", "x_refsource_VIM", "x_transferred"], "url": "http://www.attrition.org/pipermail/vim/2007-August/001762.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513"}, {"name": "39534", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/39534"}, {"name": "20070823 vendor ACK for CVE-2007-4338 (Familr Connections)", "tags": ["mailing-list", "x_refsource_VIM", "x_transferred"], "url": "http://www.attrition.org/pipermail/vim/2007-August/001768.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4338", "datePublished": "2007-08-14T18:00:00", "dateReserved": "2007-08-14T00:00:00", "dateUpdated": "2024-08-07T14:53:55.373Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:haudenschilt:family_connections_cms:*:*:*:*:*:*:*:*", "matchCriteriaId": "7404352F-25A7-472A-BE0C-F4B35EE29E9C", "versionEndIncluding": "0.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:haudenschilt:family_connections_cms:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4A3DC010-D142-4DEB-B425-04B8E10D9AEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:haudenschilt:family_connections_cms:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "505E59AC-08C9-4D13-8470-76191D73F6A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:haudenschilt:family_connections_cms:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "CBA041C5-5FF4-46A8-9F1D-74025E742EAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:haudenschilt:family_connections_cms:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D025AEE2-75AF-4959-9E78-E9AB6E163664", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter."}, {"lang": "es", "value": "El archivo index.php en Ryan Haudenschilt Family Connections (FCMS) versiones anteriores a 0.9, permite a atacantes remotos acceder a una cuenta arbitraria mediante la colocaci\u00f3n del nombre de la cuenta en el valor de una cookie de fcms_login_id. NOTA: esto puede ser aprovechado para la ejecuci\u00f3n de c\u00f3digo por medio de un POST con c\u00f3digo PHP en el par\u00e1metro content."}], "id": "CVE-2007-4338", "lastModified": "2018-10-15T21:34:41.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-14T18:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/39534"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/26421"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3009"}, {"source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1778696&group_id=189733&atid=930513"}, {"source": "cve@mitre.org", "url": "http://www.attrition.org/pipermail/vim/2007-August/001762.html"}, {"source": "cve@mitre.org", "url": "http://www.attrition.org/pipermail/vim/2007-August/001768.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/476142/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/476293/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/25276"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35966"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}