PeanutKB Multiple Unspecified Input Validation Vulnerabilities
BID:22628
Info
PeanutKB Multiple Unspecified Input Validation Vulnerabilities
| Bugtraq ID: | 22628 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-1039 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 20 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | These vulnerabilities were reported by the vendor. |
| Vulnerable: |
PeanutKB PeanutKB 0.0.3 PeanutKB PeanutKB 0.0.2 PeanutKB PeanutKB 0.0.1 |
| Not Vulnerable: |
PeanutKB PeanutKB 0.0.4 |
Discussion
PeanutKB Multiple Unspecified Input Validation Vulnerabilities
PeanutKB is prone to multiple unspecified input-validation vulnerabilities.
Little is known regarding these vulnerabilities; this BID will be updated as information becomes available.
Successful exploits of these issues may likely allow an attacker to execute arbitrary code in the context of the application, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation; other attacks are also possible.
Versions prior to 0.0.4 are vulnerable.
PeanutKB is prone to multiple unspecified input-validation vulnerabilities.
Little is known regarding these vulnerabilities; this BID will be updated as information becomes available.
Successful exploits of these issues may likely allow an attacker to execute arbitrary code in the context of the application, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation; other attacks are also possible.
Versions prior to 0.0.4 are vulnerable.
Exploit / POC
PeanutKB Multiple Unspecified Input Validation Vulnerabilities
An attacker can exploit these issues via a web client. An attacker may be required to entice a victim user to follow a malicious URI.
An attacker can exploit these issues via a web client. An attacker may be required to entice a victim user to follow a malicious URI.
Solution / Fix
PeanutKB Multiple Unspecified Input Validation Vulnerabilities
Solution:
The vendor has released version 0.0.4 to address these issues. Please see the references for more information.
PeanutKB PeanutKB 0.0.1
PeanutKB PeanutKB 0.0.2
PeanutKB PeanutKB 0.0.3
Solution:
The vendor has released version 0.0.4 to address these issues. Please see the references for more information.
PeanutKB PeanutKB 0.0.1
-
PeanutKB PeanutKB_v0.0.4.zip
http://downloads.sourceforge.net/peanutkb/PeanutKB_v0.0.4.zip?modtime= 1170602391&big_mirror=0
PeanutKB PeanutKB 0.0.2
-
PeanutKB PeanutKB_v0.0.4.zip
http://downloads.sourceforge.net/peanutkb/PeanutKB_v0.0.4.zip?modtime= 1170602391&big_mirror=0
PeanutKB PeanutKB 0.0.3
-
PeanutKB PeanutKB_v0.0.4.zip
http://downloads.sourceforge.net/peanutkb/PeanutKB_v0.0.4.zip?modtime= 1170602391&big_mirror=0
References
PeanutKB Multiple Unspecified Input Validation Vulnerabilities
References:
References:
- 0.0.4 Release Notes (PeanutKB)
- Project Page (PeanutKB)