CVE Vulnerabilities

CVE-2005-4687

Published: Dec 31, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a clients IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header.

Affected Software

Name Vendor Start Version End Version
Punbb Punbb 1.2.3 1.2.3
Blog_cms F-art_agency 4.0.0 4.0.0
Punbb Punbb 1.2.7 1.2.7
Punbb Punbb 1.2.5 1.2.5
Blog_cms F-art_agency 4.0.0d 4.0.0d
Blog_cms F-art_agency 3.6.2 3.6.2
Punbb Punbb 1.2.1 1.2.1
Blog_cms F-art_agency 3.1 3.1
Blog_cms F-art_agency 4.0.0a 4.0.0a
Blog_cms F-art_agency 3.0 3.0
Blog_cms F-art_agency 3.1.4 3.1.4
Blog_cms F-art_agency 3.6.4 3.6.4
Punbb Punbb 1.2.4 1.2.4
Punbb Punbb 1.2.8 1.2.8
Blog_cms F-art_agency 3.1.2 3.1.2
Punbb Punbb 1.2.2 1.2.2
Blog_cms F-art_agency 3.1.3 3.1.3
Blog_cms F-art_agency 4.0.0c 4.0.0c
Punbb Punbb 1.2.6 1.2.6
Blog_cms F-art_agency 4.0.0b 4.0.0b
Punbb Punbb 1.2.9 1.2.9

References