Vulnerability Details

ID: CVE-2003-0434

Last Modified: Oct. 11, 2017

Open in new window

Description

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

CVSS V2

Access Vector: Network

Access Complexity: Low

Authentication: None

Confidentiality Impact: Partial

Integrity Impact: Partial

Availability Impact: Partial

Base Score: 7.5

Exploitability Score: 10.0

Impact Score: 6.4

CVSS V2: AV:N/AC:L/Au:N/C:P/I:P/A:P

Specialize CVSS-Score

CWE-ID

NVD-CWE-Other

Snort-Rules

['alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS ( msg:"SERVER-WEBAPP Infinity CGI exploit scanner nph-exploitscanget.cgi access"; flow:to_server,established; http_uri; content:"/nph-exploitscanget.cgi",fast_pattern,nocase; metadata:ruleset community; service:http; reference:bugtraq,7910; reference:bugtraq,7911; reference:bugtraq,7913; reference:cve,2003-0434; reference:nessus,11740; classtype:web-application-activity; sid:2222; rev:20; )\n', '# alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"SERVER-WEBAPP Infinity CGI exploit scanner nph-exploitscanget.cgi access"; flow:to_server,established; content:"/nph-exploitscanget.cgi"; fast_pattern:only; http_uri; metadata:ruleset community, service http; reference:bugtraq,7910; reference:bugtraq,7911; reference:bugtraq,7913; reference:cve,2003-0434; reference:nessus,11740; classtype:web-application-activity; sid:2222; rev:20;)\n']

Configuration

Condition		Configuration
OR
OR
	cpe:2.3:a:adobe:acrobat:5.0.6:::::::* Part: a Product: acrobat Vendor: adobe Version: 5.0.6	Alle Schwachstellen für adobe
	cpe:2.3:a:xpdf:xpdf:1.1:::::::* Part: a Product: xpdf Vendor: xpdf Version: 1.1	Alle Schwachstellen für xpdf

Condition		Configuration
OR
OR
	cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:::::::* Part: o Product: mandrake_linux_corporate_server Vendor: mandrakesoft Version: 2.1	Alle Schwachstellen für mandrakesoft
	cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server::::: Part: o Product: enterprise_linux Edition: enterprise_server Vendor: redhat Version: 2.1	Alle Schwachstellen für redhat
	cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium::::: Part: o Product: linux_advanced_workstation Edition: itanium Vendor: redhat Version: 2.1	Alle Schwachstellen für redhat
	cpe:2.3:o:redhat:linux:7.2:::::::* Part: o Product: linux Vendor: redhat Version: 7.2	Alle Schwachstellen für redhat
	cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server::::: Part: o Product: enterprise_linux Edition: advanced_server Vendor: redhat Version: 2.1	Alle Schwachstellen für redhat
	cpe:2.3:o:redhat:linux:8.0:::::::* Part: o Product: linux Vendor: redhat Version: 8.0	Alle Schwachstellen für redhat
	cpe:2.3:o:redhat:linux:7.3:::::::* Part: o Product: linux Vendor: redhat Version: 7.3	Alle Schwachstellen für redhat
	cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:::::::* Part: o Product: mandrake_linux Vendor: mandrakesoft Version: 9.0	Alle Schwachstellen für mandrakesoft
	cpe:2.3:o:redhat:enterprise_linux:2.1::workstation::::: Part: o Product: enterprise_linux Edition: workstation Vendor: redhat Version: 2.1	Alle Schwachstellen für redhat
	cpe:2.3:o:redhat:linux:7.1:::::::* Part: o Product: linux Vendor: redhat Version: 7.1	Alle Schwachstellen für redhat
	cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:::::::* Part: o Product: mandrake_linux Vendor: mandrakesoft Version: 9.1	Alle Schwachstellen für mandrakesoft
	cpe:2.3:o:redhat:linux:9.0:::::::* Part: o Product: linux Vendor: redhat Version: 9.0	Alle Schwachstellen für redhat

Pre-Condition

                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <set operator="or">
            <prop key="application" value="cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*"/>
            <prop key="application" value="cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*"/>
        </set>
        <set operator="or">
            <prop key="operating_system" value="cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*"/>
            <prop key="operating_system" value="cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*"/>
        </set>
    </set>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="remote"/>
</set>

Post-Condition

                      <?xml version="1.0" ?>
<set operator="and">
    <prop key="target" value="host"/>
    <set operator="or">
        <prop key="program_influence" value="input"/>
        <prop key="program_influence" value="output"/>
        <prop key="program_influence" value="existence"/>
    </set>
    <prop key="data" value="any"/>
    <set operator="or">
        <prop key="data_influence" value="read"/>
        <prop key="data_influence" value="write"/>
        <prop key="data_influence" value="delete"/>
    </set>
    <set operator="or">
        <prop key="range" value="remote"/>
        <prop key="range" value="local"/>
    </set>
</set>

HPI-VDB — Database for IT-Attack Analysis